If you want to legally operate your browser in the EU, you have to blanket trust any certificate any member country wants you to with no security check of any sort that's not explicitly approved by the EU.
I wonder if this would end up creating a second parallel PKI. The existing one used for HTTPS security based on Browser's own trust decisions and CA-Browser forum guidelines. The EIDas one for a "government-approved" checkmark but that doesn't make the website HTTPS nor have a secure icon.
There are already multiple PKI stores on every system, managed by different entities. This is an attempt by demagogues to get around that problem using law to twist their arms.
He's implying presenting it differently to the user: "secure" and "EU approved".
I'm assuming the EU will fight hard to prevent that though.
Jesus.
If you want to legally operate your browser in the EU, you have to blanket trust any certificate any member country wants you to with no security check of any sort that's not explicitly approved by the EU.
I wonder if this would end up creating a second parallel PKI. The existing one used for HTTPS security based on Browser's own trust decisions and CA-Browser forum guidelines. The EIDas one for a "government-approved" checkmark but that doesn't make the website HTTPS nor have a secure icon.
There are already multiple PKI stores on every system, managed by different entities. This is an attempt by demagogues to get around that problem using law to twist their arms.
He's implying presenting it differently to the user: "secure" and "EU approved".
I'm assuming the EU will fight hard to prevent that though.
Mozilla's site boycotting this law:
https://last-chance-for-eidas.org/