• JoJo@beehaw.org
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    That’s categorically false, they want to inject their own trusted certificates into browsers that’re distributed in the EU, so that any MITM traffic will “just function”. Basically they’re forcing a backdoor for every encrypted channel.

    Furthermore they want to make certificate transparency next-to-illegal; remove protections and warnings for when someone is requesting certificates for your domain when you haven’t requested them, plus other uses.

    • Arthur Besse@lemmy.ml
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      1 year ago

      I’m not sure what part of my comment you’re saying is categorically false? I agree with your assessment of eIDAS! I even made a meme about it.

      I guess you’re disagreeing with me saying this restricts companies’ implementations of TLS rather than TLS itself? I’m saying that because the law is specifically talking about web browsers, and doesn’t appear to apply to other uses of TLS.