this post was submitted on 02 Nov 2023
347 points (98.3% liked)

Europe

8484 readers
1 users here now

News/Interesting Stories/Beautiful Pictures from Europe πŸ‡ͺπŸ‡Ί

(Current banner: Thunder mountain, Germany, πŸ‡©πŸ‡ͺ ) Feel free to post submissions for banner pictures

Rules

(This list is obviously incomplete, but it will get expanded when necessary)

  1. Be nice to each other (e.g. No direct insults against each other);
  2. No racism, antisemitism, dehumanisation of minorities or glorification of National Socialism allowed;
  3. No posts linking to mis-information funded by foreign states or billionaires.

Also check out [email protected]

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 38 points 1 year ago* (last edited 1 year ago) (7 children)

what those posts have in common is that they're both about EU attempts to reduce the power of US tech companies. (In the first they're reducing those companies' power to violate privacy, and in the second they're reducing their power to protect it.)

[–] [email protected] -3 points 1 year ago (5 children)
[–] [email protected] 8 points 1 year ago (4 children)

This doesn't restrict TLS, a protocol, it restricts the implementations of TLS by the handful of companies who develop and distribute widely-used web browsers - which are mostly US-headquartered multinationals.

[–] [email protected] 10 points 1 year ago* (last edited 1 year ago) (1 children)

Mandating trusted CAs opens the door to fucking with the communication in progress. Ie undermining TLS whose job it is to protect that communication. Spinning this as an attack on the companies making the browser is a bit too creative for me. That's like saying wiretaps are an attack on the telco, not the phone calls being listened in on.

[–] [email protected] 6 points 1 year ago

Currently browser vendors are able to make their own decisions about which CAs to trust, and how to validate certificates. Most browsers trust a lot of nation states' CAs, but they (the browser vendors) are currently free to unilaterally stop trusting them when they learn of abuses.

That’s like saying wiretaps are an attack on the telco, not the phone calls being listened in on.

Often it is both. Remember MUSCULAR?

load more comments (2 replies)
load more comments (2 replies)
load more comments (3 replies)