←back to thread

Last Chance to fix eIDAS: Secret EU law threatens Internet security

(last-chance-for-eidas.org)
548 points mnot | 1 comments | 02 Nov 23 05:57 UTC | HN request time: 0.194s | source
Show context
5ersi ◴[02 Nov 23 11:55 UTC] No.38112218[source]
If you are concerned by this proposals, then you should check out current CAs trusted by your browser - all those CAs can issue rogue certificates trusted by your browser, that can be used in MITM attack.

For example, CAs present in Firefox, that might give you pause: Beijing Certificate Authority, China Financial CA, Guang Dong CA

The CA system in browsers is inherently broken and it allows state actors to MITM you and see all your traffic if they: 1. have ability to capture IP traffic (requires cooperation with ISP) 2. have ability to generate rogue certificate via cooperation with CA

replies(5): >>38112296 #>>38112304 #>>38112316 #>>38112317 #>>38112423 #
1. my4ng ◴[02 Nov 23 12:14 UTC] No.38112423[source]
I think this is a matter of assumption. For communication through mainland China, one should assume that all internet traffic is actively surveilled with probably way easier methods than CAs. On the other hand, this assumption is definitely not as true in the EU, nor do I think the Chinese government forces Firefox to trust CAs by law (talking about irony)….