94
Last Chance to fix eIDAS: Secret EU law threatens Internet security — Mozilla
(last-chance-for-eidas.org)
this post was submitted on 02 Nov 2023
94 points (97.0% liked)
Technology
34395 readers
453 users here now
This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.
Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.
Rules:
1: All Lemmy rules apply
2: Do not post low effort posts
3: NEVER post naziped*gore stuff
4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.
5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)
6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist
7: crypto related posts, unless essential, are disallowed
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
How long before the devs or an extension give us the option to manually distrust CAs?
The proposed legislation says that browsers "can't do adicional validations on the certificates from the CA" (more or less this wording) meaning a simple check CAA DNS check from a browser would be against said legislation.
Does a "warning, cert issued by a government agency" count as additional validation?
Or maybe everyone is going to use cert pinning now. Or Firefox is going to stop trusting all CAs and make you verify each CA yourself. Which is a terrible idea for the average user.
From what I gather they can't do that either.
Same as above. This would be effectively "adicional validations on the certificates".
Would be legal but annoying. Bet they would legislate to force their CAs / be exempt from that user verification.