This year, we have seen an array of different ways governments around the world have tried to alter basic security on the web for users. Much of this was attempted through legislation, direct network interference, or as a request directly from a government to internet governance authorities. On the other hand, we have also seen new anti-censorship mechanisms assist people so that they can regain access to the wider world, providing hope in really dark times.
EU’s Digital Identity Framework
While the European Union’s eIDAS (electronic IDentification, Authentication and trust Services) framework and law is not new and has been in effect since 2014, there were several amendments proposed in the European Parliament that have struck new conversations, and concerns. As a top example, there is a proposed amendment to Article 45 that we believe could fundamentally alter the web trust model as we know it. The amendment would require that web browsers trust third parties designated by the government, without necessary security assurances.
EFF went over the implications and concluded that it is a solution in search of a problem. The proposal would enforce expensive Qualified Web Authentication Certificates (QWACs) for websites, instead of cheaper or free certificates as the safest option for communication on the web; and it could potentially make users vulnerable to malicious activity by government-based Certificate Authorities (or Qualified Trust Service Providers/QTSPs) in a worse case scenario.
December 6th 2022, The Council of the European Union adopt
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: