Lawmakers in Europe are expected to adopt digital identity rules that civil society groups say will make the internet less secure and open up citizens to online surveillance.
The legislation, referred to as eIDAS (electronic IDentification, Authentication and trust Services) 2.0, has been described as an attempt to modernize an initial version of the digital identity and trust service rules. The rules cover things like electronic signatures, time stamps, registered delivery services, and certificates for website authentication.
But one of the requirements of eIDAS 2.0 is that browser makers trust government-approved Certificate Authorities (CA) and do not implement security controls beyond those specified by the European Telecommunications Standards Institute (ETSI).
If this is true, you have a complete surveillance state - 1984 reigns.
Or is it scaremongering?
The EFF has issued a warning that the EU is about to introduce a new law that will enable EU/national governments to secretly eavesdrop on all web communications among their own citizens.
Wondering how/what this inter-operates with GDPR and how it will affect folks in other countries that do business in the EU.
Would love other folks thoughts/comments/concerns regarding this.
@Early_Adopter At least Germany is chirping up, and complaining about, there appears a lot of group-think and sheep thinking going on at the moment.
It certainly is bad.
@Early_Adopter This is okay, as a strategy, as long as they are Quantum-Resistant.....
Harvest Now, Decrypt Later (HNDL)....
Do you remember how long it took the payments industry to change over from SSL v3 after the POODLE attack to TLS v1.2?
It took four years....