deleted by creator
The legislation requires web browsers to trust EU countries’ CAs (which browsers already tend to do, but are presently free to remove when they’re observed being misused) and prohibits doing non-ETSI-approved validity checks (eg, certificate transparency, which is a way CA-misusing MITM attackers can be caught).
Wouldn’t you say the point of that particular clause is to reduce browser security (so that cops and intelligence agencies are free to exploit it without interference from CT)?
[This comment has been deleted by an automated system]
[This comment has been deleted by an automated system]
Europeans: “Those perfidious Russians and the nefarious Chinese are the two single biggest threats to our domestic security. Why… they’ll just hack into any old thing and fill it full of evil communist propaganda. They’ll shut down our critical infrastructure, hijack our data services, and spam us so full of phishing attempts that you won’t know what’s safe to click on! And all just to watch us fail, then laugh at us. The fiends!!!”
Also Europeans: “Google’s CEO said we need to dismantle the last ten years of digital safety standards so we can undermine the YouTube adblocker. Make this our top priority.”