172
Bad eIDAS: Europe ready to intercept, spy on your encrypted HTTPS connections
(www.theregister.com)
this post was submitted on 08 Nov 2023
172 points (94.3% liked)
Europe
8484 readers
1 users here now
News/Interesting Stories/Beautiful Pictures from Europe ๐ช๐บ
(Current banner: Thunder mountain, Germany, ๐ฉ๐ช ) Feel free to post submissions for banner pictures
Rules
(This list is obviously incomplete, but it will get expanded when necessary)
- Be nice to each other (e.g. No direct insults against each other);
- No racism, antisemitism, dehumanisation of minorities or glorification of National Socialism allowed;
- No posts linking to mis-information funded by foreign states or billionaires.
Also check out [email protected]
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
This article isn't completely genuine. And it is important to understand that.
eIDAS came into effect in 2016 and was around the oversight of online identification. This PROPOSED change is around allowing the EU to impersonate anyone getting a CA that is valid in the EU.
Now this is concerning but will never pass. Your bank needs to be assured that their CA can only be validated by them. Your insurance agency, your ecommerce sites...
It won't work, it breaks network trust by definition.
As soon as they try to push this through, banks, insurance and tech companies will push back and this will die.
Banks don't want the security model to be undermined because it will have a massive impact on the escrow services which underpin the digital economy.
If the CA owner can be impersonated then your bank can be impersonated, your online vendor can be impersonated and your e-commerce is dead.
Dumb idea and won't happen.
I can only hope that this is what is going to happen. It's a stupid idea and I have no clue why noone things about the consequences and evaluates if it's for the better or worse..