this post was submitted on 10 Nov 2023
518 points (98.9% liked)

Technology

59622 readers
2880 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

EU Article 45 requires that browsers trust certificate authorities appointed by governments::The EU is poised to pass a sweeping new regulation, eIDAS 2.0. Buried deep in the text is Article 45, which returns us to the dark ages of 2011, when certificate authorities (CAs) could collaborate with governments to spy on encrypted traffic—and get away with it. Article 45 forbids browsers from...

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 7 points 1 year ago (1 children)

My country has half-assed implementation but in general it has been great. For any signing I can just shove my personal id, enter pin and document is cryptographically signed. No alteration possible. And since government is the issuer of the certificate, no one can fake it. We have our e-government thing also, where you can do a lot of things, from checking your kids grades in school to theoretically handling all of the documentation you might need. Personal id is used to login into that service. Shove a card, enter pin and you are there. No sign up, remember password, etc. I have even set up, at one point, login into my computer using my personal id, out of curiosity as it held no other benefit. Had to add that root certificate to my machine though.

Sadly it all sounds great on paper, but execution is lacking. Some things still require pen and paper and it's annoying, but we'll get there. That's why my assumption is governments wanting to push for easier integration. Then all you'd need was card reader and a browser. Which also the reason why I don't think they are trying to push this idea for nefarious purposes. People download and install government software without thinking or double-checking all the time. Adding certificate through any installation wouldn't be much of a challenge.

[–] [email protected] 8 points 1 year ago

"No one can fake it" Oh boy. This is going to be an utterly horrible future.