• sovietknuckles [they/them]
    link
    fedilink
    English
    81 year ago

    But one of the requirements of eIDAS 2.0 is that browser makers trust government-approved Certificate Authorities (CA) and do not implement security controls beyond those specified by the European Telecommunications Standards Institute (ETSI).

    State-mandated backdoors seem bad

    • @Boomkop3@reddthat.com
      link
      fedilink
      English
      51 year ago

      I’m kinda disappointed this is happening again. Certificate authorities just say “this person is who they say they are”. They can’t reroute traffic, trick you into connecting to the wrong ip, or decrypt traffic