EU Article 45 requires that browsers trust certificate authorities appointed by governments::The EU is poised to pass a sweeping new regulation, eIDAS 2.0. Buried deep in the text is Article 45, which returns us to the dark ages of 2011, when certificate authorities (CAs) could collaborate with governments to spy on encrypted traffic—and get away with it. Article 45 forbids browsers from…

  • clutch
    link
    fedilink
    English
    arrow-up
    29
    arrow-down
    6
    ·
    1 year ago

    Commercial CAs are not that better either

    • Send_me_nude_girls@feddit.de
      link
      fedilink
      English
      arrow-up
      26
      arrow-down
      8
      ·
      edit-2
      1 year ago

      Companies always have a name and money to lose and are a hurdle for overreaching hands. The government has no reputation nor money to lose and a simple agreement opens all doors if it’s already government owned. A big difference to me personally.

      The government should only ever own things that would fail or be worse, if in public hands. Like infrastructure for instance.

      • TheMurphy@lemmy.world
        link
        fedilink
        English
        arrow-up
        24
        arrow-down
        5
        ·
        edit-2
        1 year ago

        Absolutely don’t agree that companies are more trustworthy than governments.

        My guess is that you have an awful government in your home country, but not here. And yes that could change, but they are at least voteable.

        Companies are NEVER your friend.

        • Aux@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          23
          ·
          1 year ago

          Companies are ALWAYS your friend. The government - not so much.

          • jabjoe@feddit.uk
            link
            fedilink
            English
            arrow-up
            8
            ·
            1 year ago

            Large companies only care profit. They will hand over your privacy/security in a blank of an eye if to not do so costs them. Snowdon showed companies hand stuff to governments. I doubt it’s changed. They are heart money machines remember.

            Least governments are in theory democratically accountable. Having to trust someone at all is really a problem with CAs. Maybe you want different CAs you can choose from. I’d trust one from nonprofit FOSS groups like Debian more than big tech or governments to be honest.

      • uis@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        1 year ago

        Companies always have a name and money to lose and are a hurdle for overreaching hands.

        Doesn’t work.

        Government too have name, money and people to loose.

        The government has no reputation nor money

        Ok, in some sense they do not have money, but they definetly have reputation.