I haven’t had a chance to check anything yet, but given who (Mozilla) is reacting and how, I suspect this is just another case of EU authorities acting to protect their citizens from (American) corporate abuse
I haven’t had a chance to check anything yet, but given who (Mozilla) is reacting and how, I suspect this is just another case of EU authorities acting to protect their citizens from (American) corporate abuse
Not in this case. I suggest you read the open letter (which is signed by 335 scientists and researchers from 32 countries so far).
Or, do you consider it to be corporate abuse when Mozilla prevents governments from using their certificate authorities to launch MITM attacks and impersonate websites for the purpose of intercepting internet traffic? Because that is what we’re talking about.
Until I find the bloody proposal that none of it’s detractors seems to dare link to, I’m going to assume that I, as a citizen of EU, has a clear and present interest in not having Mozilla et al using their control of our browsers to block government services.
I can do without my browser suddenly deciding that it doesn’t trust the fire department, thank you very much.
(Or the pharmacy, or my doctor, or, or or at lot of things.)
How is giving any EU state the ability to be a certificate authority in your browser for issing a certificate for any site, without them needing to follow the rules the browser vendors have for what makes an authority trustworthy, with no option to disable them or add additional checks to their validity, “protecting their citizens from (American) corporate abuse”?
From the Mozilla post:
Any EU member state has the ability to designate cryptographic keys for distribution in web browsers and browsers are forbidden from revoking trust in these keys without government permission.
[…]
There is no independent check or balance on the decisions made by member states with respect to the keys they authorize and the use they put them to.
[…]
The text goes on to ban browsers from applying security checks to these EU keys and certificates except those pre-approved by the EU’s IT standards body - ETSI.
I haven’t had a chance to check anything yet, but given who (Mozilla) is reacting and how, I suspect this is just another case of EU authorities acting to protect their citizens from (American) corporate abuse
Not in this case. I suggest you read the open letter (which is signed by 335 scientists and researchers from 32 countries so far).
Or, do you consider it to be corporate abuse when Mozilla prevents governments from using their certificate authorities to launch MITM attacks and impersonate websites for the purpose of intercepting internet traffic? Because that is what we’re talking about.
Until I find the bloody proposal that none of it’s detractors seems to dare link to, I’m going to assume that I, as a citizen of EU, has a clear and present interest in not having Mozilla et al using their control of our browsers to block government services.
I can do without my browser suddenly deciding that it doesn’t trust the fire department, thank you very much.
(Or the pharmacy, or my doctor, or, or or at lot of things.)
deleted by creator
What a wildly inappropriate waste of a thesaurus.
Are you competing in some obscure Internet irony competition?
I don’t know whether it’s true.
I am however confident that you don’t know either.
But as for the “slightest” research, riddle me this: Why is there no link to the proposal in the article?
How is giving any EU state the ability to be a certificate authority in your browser for issing a certificate for any site, without them needing to follow the rules the browser vendors have for what makes an authority trustworthy, with no option to disable them or add additional checks to their validity, “protecting their citizens from (American) corporate abuse”?
From the Mozilla post: