- cross-posted to:
- hackernews@derp.foo
- cross-posted to:
- hackernews@derp.foo
EU Article 45 requires that browsers trust certificate authorities appointed by governments::The EU is poised to pass a sweeping new regulation, eIDAS 2.0. Buried deep in the text is Article 45, which returns us to the dark ages of 2011, when certificate authorities (CAs) could collaborate with governments to spy on encrypted traffic—and get away with it. Article 45 forbids browsers from…
It’s not very complicated but it does take too long: https://bugzilla.mozilla.org/show_bug.cgi?id=435736
It took them 10 years to resolve this request.
It’s kind of sad when government moves faster than your triage team. Definitely want to speed that one up.