galadran commented on EU Council and Parliament reach agreement for approving controversial eIDAS law   consilium.europa.eu/en/pr... · Posted by u/xinayder
galadran · 2 years ago
EU Commission FAQ (emphasis mine):

Recognition means that web browsers are required to ensure support and interoperability for the QWAC for the sole purpose of displaying identity data in a user-friendly manner. *Recognition of QWACs implies that browsers shouldn't question the origin, integrity or data in the certificate*.

However, the requirement to recognise QWACs does not affect browser security policies and leaves web browsers free to preserve their own procedures and criteria for encryption and authentication of *other certificates*.

https://ec.europa.eu/commission/presscorner/detail/en/QANDA_...

galadran commented on Joint statement of scientists and NGOs on the EU’s proposed eIDAS reform   eidas-open-letter.org/... · Posted by u/sjm217
gbil · 2 years ago
Good timing I think to remind you of the upcoming Firefox changes as discussed here https://news.ycombinator.com/item?id=38009663

EDIT: for context

galadran · 2 years ago
As I commented there, you've misunderstood this change.

There's a difference between certificates distributed with the OS and certificates added to the OS by a user. Right now Firefox ignores both.

This change ONLY picks up the certificates added to the OS by a user. Firefox will continue to ignore the certificates included with the OS store by default.

galadran commented on Firefox Beta 120 trusts OS certificates by default    · Posted by u/gbil
gbil · 2 years ago
https://bugzilla.mozilla.org/show_bug.cgi?id=1848815#c8

> By default, Firefox will now use TLS trust anchors (e.g., certificates) added to the operating system by the user or an administrator. This works on Windows, macOS, and Android, and it can be turned off in the "Privacy & Security" section of Firefox settings, under "Certificates".

What you state, "ignores any certificates distributed by default in the OS.", is the as-is situation, which is changing in the next weeks; you need to specifically opt out, and it will include ALL the certificates no matter if they come from the user or the system. So please elaborate why you think it is the wrong summary.

galadran · 2 years ago
There's a difference between certificates distributed with the OS and certificates added to the OS by a user. Right now Firefox ignores both. This change ONLY picks up the certificates added to the OS by a user.

galadran commented on Last Chance to fix eIDAS: Secret EU law threatens Internet security   last-chance-for-eidas.org... · Posted by u/mnot
NoboruWataya · 2 years ago
Very concerning. As a slight aside though, it is not a "secret law". All EU laws are published on its website in every official language, and the vast majority of laws (including this one) must be publicly ratified by the directly elected European Parliament before becoming effective.

They should tone down this kind of sensationalist clickbait that I would expect to find in UK tabloids. They probably think it helps them impress the urgency of the matter on the public but frankly it just makes me doubt the veracity of the claims made in the article (though in this case I trust Mozilla and would hope that they are not misrepresenting the content of the law itself).

galadran · 2 years ago
"Agreed behind closed doors" would probably be better than "Secret Law" but I guess it's a question of brevity.

galadran commented on Last Chance to fix eIDAS: Secret EU law threatens Internet security   last-chance-for-eidas.org... · Posted by u/mnot
sofixa · 2 years ago
Also, this:

> and will be presented to the public and parliament for a rubber stamp before the end of the year

That's not how the EU parliament works, they're not just a rubber stamp. The topic is sufficiently grave without the need for clickbait and painfully obvious exaggerations.

galadran commented on Last Chance to fix eIDAS: Secret EU law threatens Internet security   last-chance-for-eidas.org... · Posted by u/mnot
galadran · 2 years ago
https://eidas-open-letter.org

The open letter signed by 300+ researchers, professors and experts.

galadran commented on Last Chance to fix eIDAS: Secret EU law threatens Internet security   last-chance-for-eidas.org... · Posted by u/mnot
galadran · 2 years ago
Title should probably be: "Last Chance to fix eIDAS: Secret EU law threatens Internet security"

galadran commented on Firefox Beta 120 trusts OS certificates by default    · Posted by u/gbil
galadran · 2 years ago
This isn't the right summary. Firefox still uses its own root store and ignores any certificates distributed by default in the OS. However, if the user installs their root to the OS, Firefox will also pick it up. This is how other browsers work.

u/galadran

Karma: 1042 · Cake day: April 16, 2016
About
[ my public key: https://keybase.io/galadran; my proof: https://keybase.io/galadran/sigs/fdhOgcmCp1kEKwClfElrV_dviWozxDM2n24qkisFN1U ]