It would force the inclusion of a “trusted root” into browsers & OSs with the purpose of allowing government entities to spoof certificates. As certificate pinning is becoming mainstream, I would assume it’ll require browser & app vendors to weaken those controls too.
You’d hope ECHR’s prior ruling would block this too. For the exact same rationale.
But it’s not spyware. The eIDAS law proposes that governments can insert certificates that spoof the originator. A subtle difference.
I really hope Mozilla don’t comply
Still weakening encryption standards.
It would force the inclusion of a “trusted root” into browsers & OSs with the purpose of allowing government entities to spoof certificates. As certificate pinning is becoming mainstream, I would assume it’ll require browser & app vendors to weaken those controls too.
You’d hope ECHR’s prior ruling would block this too. For the exact same rationale.
deleted by creator