workfromspace
https://archive.ph/Ilhes (because it's an NRD, a newly registered domain, which my dns-hole blocks)

Also brief info about the website (for the ones who don't want to visit an unknown domain without knowing):

A Mozilla website for open letter by 300+ cyber security experts, researchers and NGOs.

elric
Could someone link to some actually helpful writeups on eIDAS? The linked article doesn't mention what eIDAS is about, only vague but strongly worded language about it having to be stopped, with no justifications or even what it is.

The comments too are less helpful than usual. A lot of FUD and anti-EU sentiment (which may or may not be warranted, but there's very little objective reasoning going on).

Addendum: yes, people could look it up, but given the strong call to action ("last chance to fix eIDAS!"), I would suggest that the onus to provide clear information is on the authors. You can barely get people to care about privacy at all, let alone when so little information is provided.

mindcrash
Not just "internet security". There has been discussion that they want to use eIDAS for a lot of things like identification in general and even a health passport.

Consider that last thing. We have this thing called bodily integrity [1], which guarantees everybody has self-ownership regarding their body and thus what can be done with it.

However, in the COVID period, it was clear as day that those who govern us don't give a rat's ass about something like bodily integrity, going as far as taking away freedom of movement in order to make people comply with injecting themselves with a - until this very day - experimental vaccine.

Now consider what TPTB could do with a powerful toy like eIDAS.

So no, it is not "just" about internet security. It's about slowly and surely stripping away every human right you have as an EU citizen.

[1] https://en.wikipedia.org/wiki/Bodily_integrity

elric
I'm not sure I understand the point you're trying to make. Few rights are absolute. We, as a society, obviously try to prevent people from harming one another. If you're infected with a dangerous pathogen, and you refuse to do something about it on account of "bodily integrity", you will end up violating other people's bodily integrity by infecting them. That's bad, and it would certainly be within "TPTB"'s rights to stop you.

As for vaccines being "experimental", they have saved many lives, and now that the dust has settled, they seem to have done very little harm.

This all sounds rather like conspiracy nonsense, which isn't to say that eIDAS isn't stupid, but silly conspiracy nonsense like this undermines potential real concerns with eIDAS.

kmeisthax
So, the law says browsers have to trust eIDAS keys, but it doesn't say browsers can't complain about it, right?

Like, put the eIDAS keys in a special "signed under protest" trust root, and throw up a bunch of scary warnings about how the EU is forcing Mozilla to trust those keys whenever they are used. Phrase it so that people who think "SSL warning" means "click advanced and 'i know the risks'" understand that this is equivalent to letting the CIA read your text messages.

moogly
If they want to push more people to use the dark web, this would do it.
xinayder
Does someone else think it's an extreme coincidence that we have Chat Control and now this in place? Pretty sure the negotiations around Chat Control revolve around this eIDAS being approved; that way you don't "undermine" encryption because, well, you have the keys to decrypt everything.
phasmantistes
Fundamentally, the whole issue with eIDAS comes down to one thing: you cannot mandate trust.

If it's mandated, it isn't trust. It's something else. By mandating that browsers "trust" certain CAs, they're breaking the entire trust model of the internet.

My only question is whether they truly don't understand this, do understand it but don't care, or are actively interested in destroying that trust.

lakomen
It's like, anything coming from the EU lately in regards to IT is a totalitarian nightmare.
demarq
People are already self-censoring what they really think on social media; this will push people to self-censor in private convos.

At that point you’ve got to wonder what happens to democracy, when people are afraid to exchange ideas

lakomen
I think it's what some people are pushing for, how else can the Lisboa treaty be explained? Surely they weren't that short sighted.
j45
Maybe LLMs can help people more effectively engage with their political representatives on topics like this.

I’m increasingly convinced that this type of legislation will continue to proliferate until legislation banning it is not pushed for and put in place.

phendrenad2
In the EU they will take something that should be a standard, make it an actual law, and pretend it isn't about spying on you, and expect you to believe it. Very 1984.
lacoolj
EU is not the only place with insane laws like this in the pipeline. USA has been trying to introduce this kind of thing (EARN IT Act 2023) as well, under the guise of "preventing child trafficking".

Terrifying times we live in where we may not even be able to keep our medical or financial information private anymore because of a handful of people voting on something they don't understand.

surfingdino
This is concerning, but I still have faith in big orgs' and governments' inability to do a simple thing right while paying consultancies a lot of money for it. I have experience implementing banking infrastructure using eIDAS for participant identification and I know how CAs and financial institutions do not get eIDAS. They make rookie mistakes and deny they've done something wrong for months while blaming the other party and seeking regulatory exemptions. I'd be surprised if the EU governments were able to implement it. What wouldn't surprise me would be them blaming browser devs for it.
2-718-281-828
you'd almost think that the /ˌiːˈjuː/ is bent on subverting the internet. i'm experiencing fatigue from news like that already. can't they just stick with what they do best, standardizing vegetables and banning british sausages?
jeremiahlee
EU citizens wanting to oppose the current eIDAS proposal can use my edit of the open letter to send to their Members of European Parliament: https://www.jeremiahlee.com/posts/2023-eu-eidas-feedback/
5ersi
If you are concerned by these proposals, then you should check out the current CAs trusted by your browser - all those CAs can issue rogue certificates trusted by your browser, which can be used in a MITM attack.

For example, CAs present in Firefox, that might give you pause: Beijing Certificate Authority, China Financial CA, Guang Dong CA

The CA system in browsers is inherently broken and it allows state actors to MITM you and see all your traffic if they:

1. have the ability to capture IP traffic (requires cooperation with an ISP)

2. have the ability to generate a rogue certificate via cooperation with a CA

my4ng
I think this is a matter of assumption. For communication through mainland China, one should assume that all internet traffic is actively surveilled with probably way easier methods than CAs. On the other hand, this assumption is definitely not as true in the EU, nor do I think the Chinese government forces Firefox to trust CAs by law (talking about irony)….
andyjohnson0
> For example, CAs present in Firefox, that might give you pause: Beijing Certificate Authority, China Financial CA, Guang Dong CA

For someone living in the West, what are the consequences of deleting or distrusting those CAs?

ajsnigrutin
You lose nothing, gain nothing. It's hard for China to reroute your traffic, and even if they did, what can they do to you after that?

It's your own government that can actually do something bad to you.

(unless you're doing some really really nasty stuff, and China wants to eliminate you for those reasons, and is willing to create a large international incident because of that).

SkyBelow
>and even if they did, what can they do to you after that?

An example of what China can do is they can have their workers put pressure on you. Often this pressure is soft, nothing as direct as 'do X or we hurt you with Y'. And often the request, at least at the start, is for something legal and only a bit unethical if even that. A little information to help win a contract, maybe a way to advertise to you why you should go with their vendor for a product, maybe just asking you if a specific coworker seems to have any interest in some odd topic or passing you a resume of someone who seems a good fit for the job. If they can they'll push for more with increasing levels of silver and lead, and if not, they use what they did get to pressure elsewhere.

martin8412
Unless it's gotten better, it's super easy for China. My traffic to EU World of Warcraft servers got hijacked all the time. I don't know if it was malicious or just incompetent Chinese ISPs, but you feel that extra latency when it goes through China.
ajsnigrutin
But this wasn't a BGP redirect, this was Blizzard doing something... if Chinese telcos acted as if they were Blizzard telcos, there would be BGP filters and a lot of outrage in a matter of minutes. This is not a small deal.
g-b-r
Probably none.

If you run into some websites which use them the browser will tell you that the certificate is invalid; you can always reinstall them if you prefer.

gchamonlive
It's not like Beijing CA can issue a rogue certificate and suddenly a malicious actor would be able to decrypt all your internet traffic. You would have to connect to a service that uses those certificates in the first place.

An interesting experiment would be to log all certificates used by the sites you normally use, say for a month, and then look at the list for anything shady. I have no idea if an extension exists that would allow such an experiment, but the resulting list would be much more useful.

miohtama
In the case of mainland China, it's easy for the Party to 1) issue a malicious certificate and 2) redirect your Internet traffic to a MITM box. They do 2) all the time when blackholing Internet traffic.

With certificate logs there is a chance, I don’t know how high, to catch 1).

lambdaone
No, that's not needed at all. If the malicious actor can man-in-the-middle traffic to victimsite.com (say using a BGP hijack), they can serve HTTPS traffic to the end user from their MITM server, secured with a certificate issued to "victimsite.com" that is issued by their own CA, and the MITM can then in turn communicate to the real victimsite.com using HTTPS secured by the real site's certificate, signed by its own CA.

Now, there are CAA DNS records, which serve the purpose of restricting the CAs that can sign a particular domain, which would of course be ignored by the malicious actor, but _could_ be checked by the end user's browser. But to the best of my knowledge, no browser does that.

smarnach
You are correct that no browser is looking at CAA records, because it would be wrong to do so. CAA records don't retroactively revoke certificates that have already been issued. Their only purpose is for CAs to check them before issuing a certificate.
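The issuance-time check that CAA records exist for, written out as an added example (not code from the thread or from any CA): it climbs the DNS tree to the relevant RRset and applies issue/issuewild and the critical flag as RFC 8659 describes. The zone data and the CA domain names are constructed sample values.

```python
"""Evaluate CAA records the way a CA must before issuing (RFC 8659).

Added example, not from the thread: it shows the issuance-time check that CAA
records exist for, which is why a browser does not evaluate them. The zone
data and CA domain names below are constructed sample values.
"""
from dataclasses import dataclass

KNOWN_TAGS = {"issue", "issuewild", "iodef"}
CRITICAL = 128  # issuer critical flag bit


@dataclass(frozen=True)
class CaaRecord:
    flags: int
    tag: str
    value: str


def parse_caa(presentation):
    """Parse '0 issue "letsencrypt.org"' style text into a CaaRecord."""
    flags, tag, value = presentation.split(" ", 2)
    return CaaRecord(int(flags), tag.lower(), value.strip().strip('"'))


def parent(name):
    """Drop the leftmost label; '' once we pass the top-level label."""
    return name.partition(".")[2]


def relevant_rrset(zone, name):
    """Climb from `name` towards the root; the first CAA RRset found is the relevant one."""
    x = name.lower().rstrip(".")
    while x:
        if zone.get(x):
            return x, [parse_caa(r) for r in zone[x]]
        x = parent(x)
    return None, []


def ca_permitted(zone, requested_name, ca_domain):
    """Return True if the CA identified by `ca_domain` may issue for `requested_name`."""
    wildcard = requested_name.startswith("*.")
    # The wildcard label itself is not looked up; the search starts at its parent.
    lookup = requested_name[2:] if wildcard else requested_name
    _origin, rrset = relevant_rrset(zone, lookup)
    if not rrset:
        return True      # no CAA anywhere in the tree: any CA may issue
    if any(r.flags & CRITICAL and r.tag not in KNOWN_TAGS for r in rrset):
        return False     # critical property we do not understand: must not issue
    props = [r for r in rrset if r.tag == "issuewild"] if wildcard else []
    if not props:
        props = [r for r in rrset if r.tag == "issue"]   # issuewild falls back to issue
    if not props:
        return True      # CAA present but no issue/issuewild restriction
    for p in props:
        issuer = p.value.split(";", 1)[0].strip().lower()  # drop parameters after ';'
        if issuer == ca_domain.lower():
            return True
    return False         # includes the ';' form, which names no CA at all


# Constructed zone: name -> CAA records in presentation format.
SAMPLE_ZONE = {
    "example.org": [
        '0 issue "letsencrypt.org"',
        '0 issuewild ";"',                        # wildcards: nobody may issue
        '0 iodef "mailto:security@example.org"',
    ],
    "legacy.example.org": ['0 issue ";"'],        # retired host: no certificates at all
    "example.net": ['128 futuretag "x"'],         # critical tag a CA does not understand
}

if __name__ == "__main__":
    for name, ca in [("www.example.org", "letsencrypt.org"),
                     ("www.example.org", "other-ca.example"),
                     ("*.example.org", "letsencrypt.org"),
                     ("legacy.example.org", "letsencrypt.org"),
                     ("host.example.com", "other-ca.example"),
                     ("example.net", "letsencrypt.org")]:
        verdict = "permitted" if ca_permitted(SAMPLE_ZONE, name, ca) else "refused"
        print(f"{ca:18} -> {name:20} {verdict}")
```
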
ajsnigrutin
This will get noticed in a matter of seconds.

But if your own government tells your own ISP to reroute just your traffic over some MITM proxy, it's only you there to notice, and most probably, you won't.

lambdaone
In an ideal world, yes, they would be shut down in seconds. Yet BGP hijacks still occur in the real world; here's one from last month: https://slowmist.medium.com/analysis-of-balancer-bgp-hijacki...

And you're certainly right about government-mandated traffic hijacking.

supriyo-biswas
The browser/CA forum’s requirement to log all issuances into the CT log takes care of this; the EU mandate hardly has such requirements while still mandating the inclusion of root certs. The approach of the browser/CA forum vs EIDAS cannot be equated for this reason.
agwa
Yes, but:

1. Major browsers (Chrome, Safari, Edge) only accept certificates which are published in Certificate Transparency logs.

2. If a CA is discovered to have issued MitM certificates, they are swiftly distrusted by browsers.

So it's not really viable to use the existing CA system for MitM attacks.

The eIDAS proposal would:

1. Prevent browsers from distrusting CAs which are used in MitM attacks.

2. Ban mandatory checks (such as Certificate Transparency) on certificates unless the EU agrees to them.

That creates a system that is very viable for government MitM attacks.

andyjohnson0
> 2. If a CA is discovered to have issued MitM certificates, they are swiftly distrusted by browsers.

That's reassuring but, not knowing much about this, I have a couple of questions:

1. Is this proactively monitored for? And how? And by whom?

2. If a major state-level CA was discovered to have issued a mitm cert, would browser vendors really take the commercial hit of removing or distrusting their root cert?

debugnik
> 2. If a major state-level CA was discovered to have issued a mitm cert, would browser vendors really take the commercial hit of removing or distrusting their root cert?

Pretty much every browser distrusted the root certificate from Spain's FNMT-RCM for a decade, so I think the answer's yes.

agwa
> 1. Is this proactively monitored for? And how? And by whom?

Yes, security researchers like myself are constantly looking in CT logs for suspicious certificates, and I've found many, most notably Symantec issuing certs for example.com (https://groups.google.com/g/mozilla.dev.security.policy/c/fy...) and Certinomis issuing for test.com (https://bugzilla.mozilla.org/show_bug.cgi?id=1496088). Both CAs were eventually distrusted. (But Certinomis will be back once eIDAS is adopted!)

Domain owners can use Certificate Transparency Monitors to learn about suspicious certificates for their own domains. Here are some monitors:

https://crt.sh/ - allows you to search for certificates for a domain

https://github.com/SSLMate/certspotter/ - open source tool which notifies you when a certificate is issued for one of your domains

https://sslmate.com/certspotter/ - commercial service that does the same, operated by my company

> 2. If a major state-level CA was discovered to have issued a mitm cert, would browser vendors really take the commercial hit of removing or distrusting their root cert?

In 2017, Chrome and Firefox distrusted Symantec, which was at the time the world's largest certificate authority: https://security.googleblog.com/2017/09/chromes-plan-to-dist...

Symantec hadn't even issued MitM certs - they were just grossly incompetent. Distrusting them was very painful, but necessary to uphold the integrity of the CA system, and demonstrated conclusively that there is no such thing as a too-big-to-fail CA.

uxp8u61q
That's your smoking gun? CAs that issued certificates for example.com and test.com? You genuinely believe that the only possibility here is a vast conspiracy to defraud and steal?
agwa
> You genuinely believe that the only possibility here is a vast conspiracy to defraud and steal?

Care to point out where I said that?

example.com and test.com are real domains, and their owners did not authorize those certificates to be issued, so issuing them was a serious breach of the trust which CAs are expected to uphold. Furthermore, the discovery of these certificates led to investigations which turned up additional issues which are documented in detail here:

https://wiki.mozilla.org/CA/Symantec_Issues

https://wiki.mozilla.org/CA/Certinomis_Issues

omginternets
Can you help me intuit what a suspicious certificate might look like in practice?
agwa
If you're a domain owner monitoring your own domains, a certificate is suspicious if it was not issued by one of the CAs that you use (e.g. you use Let's Encrypt, but you see a certificate for your domain in CT that was issued by Certinomis). If you keep an inventory of all of your certificates, then you can also cross-reference certificates from CT against your inventory, and flag any certificate that isn't in your inventory.

If you're a security researcher monitoring other people's domains, you have to rely on heuristics - e.g. if a domain has a long history of getting certs from a major US CA, and then suddenly a tiny European CA issues them a certificate, that's pretty suspicious. When I found the example.com certificate misissued by Symantec, I thought it was suspicious because it was also valid for subdomains like products.example.com and support.example.com, which don't make sense for a domain that's reserved for documentation purposes. ICANN operates example.com, so I emailed their security team to confirm that they did not authorize the certificate.

The system works best if domain owners are monitoring their own domains, because only they know for sure if a certificate is authorized or not.
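The two domain-owner checks and the researcher heuristic described in the post above, as an added example that is not part of the thread and not any monitor's own code. The monitored domain, the issuer allow-list, the inventory and every CT entry are constructed sample data (the CA names are borrowed from the thread).

```python
"""Triage Certificate Transparency hits for a domain you operate.

Added example (not from the thread or any project): it applies the two
domain-owner checks described above (issuer allow-list and inventory
cross-reference) plus the researcher heuristic of a sudden issuer change.
All entries, fingerprints and the monitored domain are constructed sample data.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class CtEntry:
    fingerprint: str   # SHA-256 of the certificate as a CT monitor reports it (constructed)
    issuer: str        # organisation name from the issuer DN
    dns_names: tuple   # subjectAltName dNSName entries
    not_before: str    # ISO date, used only to order the history


MONITORED_DOMAIN = "example.org"               # assumed: the domain we operate
EXPECTED_ISSUERS = {"Let's Encrypt"}           # assumed: the only CA we ever use
INVENTORY = {"fp-0001", "fp-0002", "fp-0003"}  # fingerprints of certs we obtained ourselves

# Constructed CT hits, not real log content.
SAMPLE_ENTRIES = (
    CtEntry("fp-0001", "Let's Encrypt", ("example.org", "www.example.org"), "2023-03-01"),
    CtEntry("fp-0002", "Let's Encrypt", ("example.org", "www.example.org"), "2023-05-01"),
    CtEntry("fp-0003", "Let's Encrypt", ("example.org", "www.example.org"), "2023-07-01"),
    # issued through our usual CA but never recorded in the inventory
    CtEntry("fp-0004", "Let's Encrypt", ("mail.example.org",), "2023-08-15"),
    # wildcard from a CA we never use (constructed entry; CA name taken from the thread)
    CtEntry("fp-0005", "Certinomis", ("*.example.org",), "2023-10-20"),
    # unrelated domain that a broad monitor search may also return
    CtEntry("fp-0006", "Let's Encrypt", ("example.net",), "2023-10-21"),
)


def name_matches(dns_name, domain):
    """True if dns_name is `domain`, a subdomain of it, or a wildcard under it."""
    n = dns_name.lower().rstrip(".")
    d = domain.lower().rstrip(".")
    if n.startswith("*."):
        n = n[2:]          # "*.example.org" covers example.org's subdomains
    return n == d or n.endswith("." + d)


def covers(entry, domain):
    return any(name_matches(n, domain) for n in entry.dns_names)


def triage(entries, domain, expected_issuers, inventory):
    """Domain-owner view: return [(fingerprint, reason)] for unauthorised-looking certs."""
    findings = []
    for e in entries:
        if not covers(e, domain):
            continue
        if e.issuer not in expected_issuers:
            findings.append((e.fingerprint, f"issuer {e.issuer!r} is not a CA we use"))
        elif e.fingerprint not in inventory:
            findings.append((e.fingerprint, "not in our certificate inventory"))
    return findings


def issuer_change_suspects(entries, domain, min_history=3):
    """Researcher heuristic: after a stable history with one CA, a different CA appears."""
    relevant = sorted((e for e in entries if covers(e, domain)), key=lambda e: e.not_before)
    if len(relevant) <= min_history:
        return []
    baseline = {e.issuer for e in relevant[:min_history]}
    if len(baseline) != 1:
        return []        # no stable history to compare against
    (usual,) = baseline
    return [e.fingerprint for e in relevant[min_history:] if e.issuer != usual]


if __name__ == "__main__":
    for fp, why in triage(SAMPLE_ENTRIES, MONITORED_DOMAIN, EXPECTED_ISSUERS, INVENTORY):
        print(f"SUSPICIOUS {fp}: {why}")
    print("issuer-change suspects:", issuer_change_suspects(SAMPLE_ENTRIES, MONITORED_DOMAIN))
```
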

omginternets
That makes sense, thank you.

Follow-up question: presumably, a state actor with dominion or leverage over a CA can coerce said CA into issuing a certificate, right?

agwa
Yes, though eventually the state actor would run out of CAs to coerce as all the CAs in their country get distrusted.

The threat of distrust means CAs have a very strong incentive to contest any government orders, since if they comply their business is destroyed.

omginternets
That tracks. Thanks for helping me get a bead on this!
miohtama
You can find more about certificate monitoring and who is involved here:

https://certificate.transparency.dev/

ryukoposting
I've generally been supportive of the EU's web regulations, but this is utter insanity.
Hard_Space
Wow - this one really crept up on me, after years of seeing it shot down in flames by people who actually understand the technology, and the implications (not least, the security implications). I wonder if the recent passing of the UK act emboldened them..?
JanisErdmanis
Contrary to the majority of opinions here, I see this as a reasonable development for the state’s sovereignty, which will positively affect the decentralisation of certificate authorities. I hope that unprofessional negligence by European authorities will produce enough precedents and evidence to show that certificate authorities can’t be trusted blindly, and we will end up with transparent certificate authorities and web browsers which will audit every certificate with public logs with the help of History Trees.
radicalbyte
It's worth noting that the technical team have a GitHub where issues such as this can be raised.

https://github.com/eu-digital-identity-wallet

account42
Why are they hosting this on GitHub and not on EU infrastructure?
radicalbyte
1. The EU infrastructure sucks. 2. Reach. Lower the barrier = easier for everyone to contribute.
pandastronaut
Candid question: if this is European legislation, how would browser editors handle this region-specific requirement? Provide several flavors of their browser? I doubt people and companies from outside Europe would agree to use a European-flavored version of their browser.
GTP
In the past, browsers needed to have "export-grade cryptography", because the USA considered ciphers a weapon, thus subject to export restriction. And this ended up playing a crucial role in downgrade attacks later on. So I would say yes, they already had to handle a similar situation in the past.
dang
perihelions
Ignorant question: what happens if Mozilla or Brave or whoever says fuck that, we're not complying? What's the enforcement mechanism for non-EU-based devs publishing FOSS freely on the global internet?
yaris
The enforcement mechanism is to warn and then ban the non-compliant. There are just too few players in the field here. It would take only two major browser development companies to make the world 99% compliant. And the rest is statistical error no matter how safe and secure they are.
perihelions
How do you ban a FOSS?
lakomen
You criminalize the platform where it's published. The laws for that have been conjured in 2018.
yaris
"One cannot hang a song, sure, but one can hang a singer". There are not so many places where people can get Firefox or Chromium, even fewer places where they can get source code of the named browsers. [EDIT] grammar
agarsev
Just adding a perspective (not necessarily mine, I'm still on the fence) supporting this legislation from a tech-literate person in the EU.

The digital administration in my country has made my life so much easier. We all have mandatory ID cards since decades ago, but now they have a chip with some certs for auth, signing, etc. I can check my taxes, fill government forms, see any traffic tickets, sign official documents from my home thanks to this. However, as far as I understand, this relies on my user agent accepting some particular CAs. This is critical, to the point of my browser preventing me access to some parts of the administration if the CA is not up to date or recognised or whatever.

What this legislation proposes, if I understand it correctly, is putting in the hands of the government the power to administer (part of) this CA infrastructure. As with much EU-related legislation, this forcefully transfers power from private (often American) entities to EU governments. I guess when trust in your government is higher than or equal to trust in private firms, this doesn't sound so bad.

Not saying this is right or wrong, but maybe this helps understand why many people in the EU may not be so against this type of legislation.

g-b-r
No, there's no need for your browser to accept particular CAs

If some government sites want to use their CA that's one thing but what matters to identify you is the key stored in your ID card

kreetx
The things that get me thinking are:

- for a CA that is a business (or a non-profit), trust is their product, and if Let's Encrypt fails at its job then clients can go elsewhere

- not sure but in EU I would assume they are going to install all member states' CA certificates into all browsers, so then EU member state government A can MITM a connection for a citizen of member state B

- even if a website has a certificate from any current provider, any EU government can still MITM a user without the company knowing

Also, as it's technically possible to combat the legislation, then how much would it actually help? Wouldn't any "criminal" pay attention to it too, e.g. by using an appropriate browser?

repelsteeltje
> Not saying this is right or wrong, but maybe this helps understand why many people in the EU may not be so against this type of legislation.

I'm with you. I think most of the fuss is about forcefully involving government in the CA infrastructure and the fact that this affects the rest of the world.

As to the latter, I've always found it weird that by default all root stores contain hundreds of CAs from all over the world. By default, anyone is assumed to trust large companies (Google, Amazon) equally with nation states (Staat der Nederlanden) and shady entities (Hongkong Post office). So it's not surprising to have everyone up in arms if the EU adds yet another chair to this table.

Wouldn't it make much more sense if users took more control and responsibility of the certs in their root store? Wouldn't it make more sense to restrict CAs to certain domains? I would be okay with a EU sanctioned CA if it could only assert authenticity of EU services, but not shops or whitehouse.gov. I've always felt that it would make much more sense if CAs were much more restricted to specific "trust use cases".

whelp_24
You should read the letter, it's worse than that. It makes these gov CAs unrejectable, along with providing a means of tracking your activity. Essentially, it's like giving your least trusted EU country access to your browsing history and some of your decrypted traffic.

They could have reduced scope, but looking at effects perhaps that's not what they actually want.

stinos
> It makes these gov CA's unrejectable

That part I understood

> along with providing a means of tracking your activity. Essentially, it's like giving your least trusted eu country access to your browsing history and some of your decrypted traffic.

This one though, not quite. Can you explain in layman terms, maybe by means of a practical example, how this would work exactly and what is needed for it?

vorpalhex
You are sending letters to your friend and getting their replies back in the mail.

You know your government delivers your letters and they could open them and read them, but you trust your government to keep your info private and use this power well.

The current regulation would mean any government can peek at your letters, and even if they got caught peeking or letting their friends read your letters, your mail carrier can't do anything. They aren't even allowed to ban the other governments friend from reading your mail.

If you had a friend who tried to help you write in secret code to avoid these other governments or strangers from reading your mail, they would be risking jail time.

Not only do you have to trust your government, but you must trust every government in the EU and if they get caught misbehaving, nobody can do anything about it.

(Practically, any government can MITM any ssl connection and read or alter things at will.)

galangalalgol
This isn't adding a few CAs so your browser trusts the tax website. This appears to be replacing all of them so the EU can see the contents of all traffic that is proxied in and out of the country. None of that seems likely to work for actual bad people.
kreetx
If the root CA is installed in my browser then the government can MITM any connection at will.
bjornsing
I’m so tired of this shitstorm of crap EU regulation. Death by a thousand cuts…
algesten
To protect myself or my company, what about a pihole (or similar) that rejects any TLS connection attempted with certs signed by these root CAs?
archi42
That's illegal then. But the pihole won't do the trick, you need to remove the mandated certs from your browser's cert store. If these certs are used for legitimate places (e.g. EU or state websites, and I'll bet they will) you then will get a certificate error.

Of course there is still HSTS, but that's not supported by all tech using TLS.

hn8305823
> If these certs are used for legitimate places (e.g. EU or state websites, and I'll bet they will) you then will get a certificate error.

Prediction: If this passes, users having to bypass cert errors will be the new cookie popup.

Snawoot
TLS 1.3 encrypts the server certificate, so it will not be possible to filter such connections out using just passive inspection.
johnfonesca
eIDAS is a cartel created to protect the business interests of the EU's biggest certification authorities.
Jensson
It is a digital certificate standard. Browser certificates are only a tiny part of it; that wasn't why it was made. Having a standard for digital certificates is a good thing, it makes it easy to switch document signer provider etc. since they all are forced to implement the same interface.
g-b-r
What's discussed here has nothing to do with the digital signatures part (which by and large already existed in the original version).
mananaysiempre
I’ve read enough mozilla.dev.security.policy threads along the lines of “but we’re a qualified eIDAS CA (erm, TSP)! — but your audits, key management, and issuance controls are all crap! — but eIDAS!” that I feel that it might, in fact, be partly an attempt by CAs to ensure that they can’t be kicked out of browsers at the browsers’ discretion, or even have to obey CA/BF decisions. It certainly appeared that the fuss around QWACs got much louder as the EV UI downgrade progressed.

Maybe it wasn’t the original intention, but right now, even ignoring the surveillance angle, I feel that it would be a major downgrade to the post-Symantec state of the Web PKI. In particular, the process for getting a CA disqualified or inconvenienced in any other way seems to be so onerous as to be basically intractable, especially if you, the relying party, are not in the EU. As far as I can tell (but here I can be wrong), as a relying party you don’t even have standing to do anything about it—it’s considered to be solely the business of your country’s government, and if the government body doesn’t care (see: Facebook and the Irish DPA), tough, guess you’re a single-issue voter now.

johnfonesca
>it makes it easy to switch document signer provider etc since they all are forced to implement the same interface.

eIDAS was introduced in 2016. Now 7 years later there still isn't an API specification for interoperability (there are drawings though https://blog.eid.as/new-apis-for-the-eidas-ecosystem/ )

In the meantime, any digital signature done in EU must be done with a certificate issued only by the "select" CA to be considered "valid".

account42
Why is that website using a domainhack (with a non-EU ccTLD) rather than a proper .eu domain? Doesn't exactly inspire confidence that these people should have anything to do with security standards.
bux93
>In the meantime, any digital signature done in EU must be done with a certificate issued only by the "select" CA to be considered "valid".

article 25 of EIDAS 1. An electronic signature shall not be denied legal effect and admissibility as evidence in legal proceedings solely on the grounds that it is in an electronic form or that it does not meet the requirements for qualified electronic signatures.

Jensson
> Now 7 years later there still isn't a API specification for interoperability

The standard existed in 2016, I did a short stint for a company that was implementing eIDAS back then.

They even have a test suite you can use to check how well you comply with the standard: https://ec.europa.eu/digital-building-blocks/wikis/display/D...

It is very archaic to work with though, but at least they try to have a standard.

johnfonesca
The ETSI checker you have linked doesn't have anything to do with CA API interoperability and "switch document signer provider". That's just a basic tool which validates whether a signature is PAdES/ETSI compliant or not.

The real value in eIDAS would be "unlocked" if they would release a proper API specification with which a digital signatures application would integrate with any EIDAS CA to emit/sign certificates. And then enforce that any eIDAS compliant CA would implement this API.

In practice that means any company/digital signatures product could do an integration with this API once and then be able to use ANY certification authority they want/need/offers the best prices for certificates.

Without this API, eIDAS is just a marketing moniker because the power belongs to the selected Certification Authorities. They set the prices, they choose WHO can integrate with them to issue certificates and there is NO interoperability between them. This doesn't allow for an open market and makes the top players control everything while shouting "standards" and "eIDAS".....

varispeed
Seems like some politicians from the EU commission had parents in the Stasi, KGB and other organisations and became allured by the stories of watching other people, learning their secrets or perhaps even seeing their naked photographs.

So these pervs now want to do the same. For what?

supriyo-biswas
For anyone who’s about to say that surveillance isn’t the point of this legislation: it definitely is; we very recently saw Germany trying to MITM jabber.ru users[1], having a CA that can be asked to issue any certificate is definitely something that’d be used for surveillance purposes.

[1] https://notes.valdikss.org.ru/jabber.ru-mitm/

fweimer
But it doesn't enable covert surveillance. Even without Certificate Transparency, the change in server certificate is visible to the client. Initiatives like Let's Encrypt could make it visible to server operators, too. The browser UI will present those new qualified certificates and existing certificates differently anyway, so I'm not sure if this is going to work.

The bigger issue is that for this to work at all, the regulation must have provisions for issuing fake assertions of existing identities to law enforcement and other security services. The predecessor didn't seem to have that. This is different from providing fake identification documents for undercover operations because, as far as I understand it, those uses are usually mostly made-up and do not impersonate another person.

We would have to read the actual text of the proposed regulation to know the details, but both sides (legislators and those fueling the outrage machine) do not really want us to form our own opinion and hide the draft text from us.

phasmantistes
Unfortunately this isn't how it works in practice.

Changes to server certificates happen all the time -- every 60 days or so, if you're getting certs from Let's Encrypt. Browsers can't tell their users every time a certificate changes because the users will just get notification-blindness and be trained to click past the warnings.

Let's Encrypt doesn't help server operators see this; I'm really not sure what you mean by that. Certificate Transparency would help server operators see this, but the new law text forbids browsers from requiring CT for these certs!

The law doesn't have to solve the problem of how security services will assert fake identities. Each member state can solve that internally. Allegedly, given the recent report of a hijack against jabber.ru and xmpp.ru, they already have. The problem is that, when they do, no one else has any recourse. No other member state can say "hey, don't hijack my websites!", no citizen can say "hey, don't hijack my traffic!", and no browser can say "hey, you issued a false certificate, we don't trust you anymore!".

Fundamentally, the whole issue with eIDAS comes down to one thing: you cannot mandate trust. By definition. If it's mandated, it isn't trust, it's something else. By mandating that browsers "trust" certain CAs, they're breaking the entire trust model of the internet.

fuoqi
A proper solution for MitM is mandatory independent certificate transparency, not outright denial of support for national CAs in browsers. A German National CA should not be able to issue certificates for .ru in the first place, and having a clear record of misbehavior in CT is probably not something operators of such a CA would like to have even when pressured by intelligence agencies.

Browsers should get their shit together and add proper support of domain-limited CAs and add optional whitelisting of CAs for given websites.

supriyo-biswas
Browsers do have this, although this measure is only selectively applied for certain CAs where misissuance has been an issue (There was an Indian CA for which this was used, need to look around MDSP for the link. I’ll post it shortly.)
agwa
Historically, root constraints were only used in response to misissuance, but more recently, KamuSM voluntarily limited themselves to .tr when they applied.
agwa
> Browsers should get their shit together and add proper support of domain-limited CAs

They do in fact support this - e.g. Mozilla trusts KamuSM only for .tr [1], Chrome limited ANSSI to French TLDs [2].

However, there is no indication that the EU would be willing to accept such constraints on their national CAs. If you look at several of the current national European CAs, they routinely issue for generic TLDs like .com.

[1] https://groups.google.com/a/mozilla.org/g/dev-security-polic...

[2] https://security.googleblog.com/2013/12/further-improving-di...
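As an added example (not code from this thread or from any browser), here is the RFC 5280 dNSName name-constraint check that a "domain-limited" root like the .tr or French-TLD constraints above relies on; the CA constraints and leaf SAN values below are constructed placeholders, not real certificates.

```python
"""RFC 5280 name-constraint matching for dNSName entries, the mechanism a
browser uses to trust a root only for certain TLDs.

Added example, not code from the thread or any browser; CA constraints and
leaf SANs below are constructed placeholders.
"""
from dataclasses import dataclass, field


def _normalize(name: str) -> str:
    """Lower-case, strip a trailing dot, and drop a leading dot (the form
    some constraints are encoded in); RFC 5280 matching is suffix-on-whole-
    labels either way."""
    name = name.strip().lower().rstrip(".")
    return name[1:] if name.startswith(".") else name


def dns_name_matches(name: str, constraint: str) -> bool:
    """RFC 5280 4.2.1.10: a dNSName satisfies a constraint when it equals it
    or is formed by prepending labels. 'www.host.tr' matches 'host.tr';
    'host1.tr' and 'hosttr' do not match 'host.tr' / 'tr' respectively."""
    name, constraint = _normalize(name), _normalize(constraint)
    if constraint == "":
        return True  # an empty constraint permits every name
    return name == constraint or name.endswith("." + constraint)


@dataclass
class NameConstraints:
    """permittedSubtrees / excludedSubtrees of one CA certificate."""
    permitted: list = field(default_factory=list)
    excluded: list = field(default_factory=list)


def name_allowed(name: str, nc: NameConstraints) -> bool:
    """Allowed when the name matches no excluded subtree and, if any permitted
    subtrees are present, at least one of them."""
    if any(dns_name_matches(name, c) for c in nc.excluded):
        return False
    if nc.permitted and not any(dns_name_matches(name, c) for c in nc.permitted):
        return False
    return True


def check_chain(leaf_sans: list, chain_constraints: list) -> tuple:
    """Apply every CA's constraints in the chain to every leaf dNSName.
    Constraints accumulate down the chain (RFC 5280 6.1.4), so a name must
    satisfy each CA above it. Returns (ok, [(san, ca_index), ...])."""
    violations = []
    for san in leaf_sans:
        for idx, nc in enumerate(chain_constraints):
            if not name_allowed(san, nc):
                violations.append((san, idx))
    return (not violations, violations)


# Constructed sample: a root trusted only for .tr (encoded with a leading dot)
CONSTRAINED_ROOT = NameConstraints(permitted=[".tr"])
# Constructed leaf SANs: one inside the subtree, one outside it
SAMPLE_SANS = ["www.example.tr", "www.example.com"]

if __name__ == "__main__":
    ok, bad = check_chain(SAMPLE_SANS, [CONSTRAINED_ROOT])
    print("chain accepted" if ok else f"rejected, violations: {bad}")
```

A root with such constraints can still misissue, but a leaf for a name outside the permitted subtree fails validation in any client that enforces them, which is the limit the thread is discussing.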

lambdaone
Cool. Domain-limited CAs are a really good idea, and they don't need anything like dynamic downloading of CAA records.
smarnach
CAA records only apply at the time a certificate is issued, and they only need to be considered by CAs. If the CAA record is changed later, all certificates that have already been issued continue to be valid, even if the new CAA record does not allow the issuing CA anymore. So looking at CAA records would be useless for browsers anyway.
Jensson
eIDAS exists since there are many conflicting standards for electronic certificates. eIDAS is an effort to unify those standards. Maybe the clause where they say browsers have to add specific CAs is for spying, but eIDAS in general isn't to help spying, it's just there to help unify all the different electronic certificate services in the EU.

For example banking, signing official documents like grades from school etc, all of those use cases are a part of eIDAS. That is the core of the standard and there you really want to see all the certificate information to be sure it is the right origin, since unlike browsers there is no list of trusted CAs, you just see that some organization accepted it.

Edit: Browsers already had their own standard that they think is better than eIDAS, so they don't want this to apply to them. But Occam's razor says that EU just added "and browsers should also do this" instead of there being some conspiracy behind it, it was simple to just add everything instead of leaving just browsers out.

logifail
> signing official documents like grades from school

I have no Earthly idea why a) this needs to be done digitally, or b) for the EU to be involved (at EU level) with this.

Unfortunately if you pitch mission creep vs the principle of subsidiarity, the former wins every time.

willeh
University grades are standardised already. This is useful because it allows people to work in other countries; digitally signing them prevents fraud.

This is just one use case for eIDAS, then you have things like interacting with different government institutions, banks, et cetera, et cetera.

There are a lot of people who live in/work/visit other EU countries as is their near absolute right. We should therefore standardise technology on the EU level to make their lives easier.

logifail
> University grades are standardised already

... for some value of "standardised"?

UK[0]: First, 2:1, 2:2, Third

Germany[1]: 1 to 5

France[2]: "on a scale from 0-20"

<chuckle>

[0] https://www.imperial.ac.uk/students/success-guide/ug/assessm...

[1] https://www.uni-passau.de/en/international/coming-to-passau/...

[2] https://u-paris.fr/en/higher-education-in-france/

nulld3v
Great, very good! Now if you want to standardize encrypted communication, please do it with the help of security researchers, not like this.
willeh
Other than this questionable browser CA thing, do you think there are any specific flaws with the crypto system presented in eIDAS?
nulld3v
Alright, so I am not a security researcher so actual security researchers may not share my views. Also, as mentioned in the site, the full text of the new regulation is not public yet. And finally, I have only skimmed whatever text is available given that it's over 100 pages and I skipped over most of the EDIW stuff (it's a really complex system that I can't understand/audit in 20 mins).

But with that out of the way, no I don't have any other complaints, I think the regulation is generally a move in the right direction.

ngrilly
> eIDAS exists since there are many conflicting standards for electronic certificates. eIDAS is an effort to unify those standards.

Did we need laws to "unify" all the standards we successfully use today, like IP, UDP, TCP, HTTP, TLS, Certificate Transparency, HTML, ECMAScript, CSS, DNS, DMARC, DKIM, SSH, etc.? Laws are not the right tool for this. And law makers don't have the necessary expertise.

Serenacula
I think ECMAScript may actually be a counter example, no? Isn't that also governed and funded by the European council?
smarnach
There definitely isn't a law mandating JavaScript engines to follow the ECMAScript standard, which would be the equivalent of what's happening here.
troupo
There are also great many standards we use today that were unified and enforced through laws.

Open any law on produce, construction, cars, industrial equipment (and a million others), and you'll find thousands of specs and standards mandated by law, and for a reason.

sshine
It’s either laws or market forces, both have drawbacks.

While eIDAS seems like a great idea to coerce member states into adopting a common standard, it just also happens to sneak EU-centralist ideology in, and total digital surveillance is the 0th application of that ideology.

The big catch with EU is: once you opt in, opting out is very difficult.

supriyo-biswas
> Browsers already had their own standard that they think is better than eIDAS

Unlike the Browser/CA forum rules which are security focused, eIDAS comes from a government mandate first and foremost, so the concern isn’t entirely subjective as you suggest.

> "and browsers should also do this" instead of there being some conspiracy behind it

The law isn’t RFC 2119 where there is a distinction between SHOULD and MUST: the law is all about what an entity MUST do, so bringing up “should” in this context isn’t helping the point you’re trying to make.

Jensson
I don't get what your point is here, you said this and that is what I argued against, your points here do nothing to defend this: "For anyone who’s about to say that surveillance isn’t the point of this legislation".

> Unlike the Browser/CA forum rules which are security focused, eIDAS comes from a government mandate first and foremost, so the concern isn’t entirely subjective as you suggest.

I didn't say this was subjective. My argument was that it is easy to see why EU would do this without having surveillance in mind. They just wanted all certificates to follow the same standard, the main part of these standards were document signing and they thought web sites are documents so we add them as well to the standard.

> so bringing up “should” in this context isn’t helping the point you’re typing to make.

I didn't make a distinction between should and must there, that wasn't my point at all. What was hard to understand there? This bill is first and foremost about document signing, and then they added a clause that it also applies to browsers. That is the main part of my argument.

A bill that first and foremost targets document signing doesn't seem like it was obviously made to add spying on browsers, if that is what they wanted they would have labeled it "web protection bill" or something like they did with the chat one, they aren't afraid of saying it is about spying when that is what they want.

miohtama
A healthier approach for the EU to get e.g. the document signing to a single standard would be

- Make sure there is an open standard (is there?)

- Fund and promote its open source development

- Have an industry lobbyist non-profit to onboard individual businesses

If the goal is to ”promote standards” the way this is being done does not seem to be aligned with the 50 years of software industry standard development, with examples like TCP/IP, PNG, AV1 and so on.

NoboruWataya
Very concerning. As a slight aside though, it is not a "secret law". All EU laws are published on its website in every official language, and the vast majority of laws (including this one) must be publicly ratified by the directly elected European Parliament before coming into effect.

They should tone down this kind of sensationalist clickbait that I would expect to find in UK tabloids. They probably think it helps them impress the urgency of the matter on the public but frankly it just makes me doubt the veracity of the claims made in the article (though in this case I trust Mozilla and would hope that they are not misrepresenting the content of the law itself).

galadran
"Agreed behind closed doors" would probably be better than "Secret Law" but I guess it's a question of brevity.
sofixa
Also, this:

> and will be presented to the public and parliament for a rubber stamp before the end of the year

That's not how the EU parliament works, they're not just a rubber stamp. The topic is sufficiently grave without the need for clickbait and painfully obvious exaggerations.

Vinnl
As I understand it, the EU Parliament engages through the trilogues. Once agreement has been reached there, final approval is indeed more of a rubberstamp. (But: I'm just somewhat interested in the subject; I'm not an expert on the process.)
sofixa
Once an agreement has been reached, the Parliament can still reject the proposed law (which can easily happen because a conciliatory committee does not represent all the factions in parliament and of course public outcry/petitions can change opinions).
peyton
Why can’t Mozilla publish the agreed-upon changes? Are the drafts currently classified? If so, I think it’s okay to bell ring.
phasmantistes
I don't think "classified" is the right word, but they haven't been published. They were leaked to various third parties, who got them to Mozilla / EFF / the other folks writing letters of protest today. Those parties haven't published the full text themselves, to protect the identity of the leaker.
ratg13
They’ve had entire programs around trying to get the public engaged in this topic.

I’ve watched many of their YouTube presentations.. all with less than 100 views when I watched them, despite them being uploaded for some time.

diego_sandoval
The proposal is so obscene that I doubt Apple, Google or even Microsoft would ever comply with it.
justinclift
They'd probably be fined into submission if they don't though.
diego_sandoval
If it gets to that point, one alternative would be creating some ad-hoc non profits that are on paper not controlled by them (but in practice they are) and then giving up the control of their respective browsers to said non-profits.

But it won't get to that point. I don't really think the US government would be ok with a regulation like this, either, and they have even more bargaining power than tech companies.

uxp8u61q
You think the EU's lawyers will be fooled by a scheme you cooked up in an HN comment?
g-b-r
then the non-profits would be breaking the law
neodypsis
I guess Europe would have to fund its own browser development. The rest of the world won't participate.
datpiff
It's a market of nearly half a billion people, two-tier browsers seem more likely. IIRC Netscape did this in the past over US export laws on cryptography.
supriyo-biswas
Developing a browser these days mostly involves slapping on their own branding over Firefox or Chromium though, so hardly the end of the world for EU.
galadran
https://eidas-open-letter.org

The open letter signed by 300+ researchers, professors and experts.

mbwgh
The following quote from Jean-Claude Juncker, former president of the European Commission, sums up the way the EU seems to work quite nicely:

"We decide on something, leave it lying around and wait and see what happens. If no one kicks up a fuss, because most people don't understand what has been decided, we continue step by step until there is no turning back."[0]

[0] - https://en.wikiquote.org/wiki/Jean-Claude_Juncker

belter
"When it becomes serious, you have to lie."

    - Jean-Claude Juncker
franky47

    “But the plans were on display…”
    “On display? I eventually had to go down to the cellar to find them.”
    “That’s the display department.”
    “With a flashlight.”
    “Ah, well, the lights had probably gone.”
    “So had the stairs.”
    “But look, you found the notice, didn’t you?”
    “Yes,” said Arthur, “yes I did. It was on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying ‘Beware of the Leopard.’”

Douglas Adams wasn't far off.
qingcharles
It's sad, but this actually happened.

There was an episode of the Mark Thomas Comedy Product where he describes how they were trying to find the spending habits of EU MPs, but they were in a basement with no electronic devices allowed, so they hired an army of students to run up and down with notebooks and pens and relay all the information to more students upstairs who had to type it all up and put it online.

vanderZwan
The interesting part with the EU is that all policy (proposed and accepted) is actually all organized, findable and out in the open on the internet (and even translated to all official member state languages IIRC)... if you have the mindset of a bureaucrat and know the system.

I know because my ex did European Studies and knew how to navigate those websites. I for the life of me cannot figure out how she did it if I try now.

janejeon
As someone else said, sounds like an interesting project to scrape, organize, and somehow "re-surface" that data in a much more accessible manner (how? I don't know; I've never done such a project before).

Obviously it should be said that such a project shouldn't be needed in the first place in an ideal world, but it does sound like something I might be interested in chipping in regardless (and a great learning opportunity).

hunter2_
I am the last person to suggest throwing AI at a random problem, but this actually sounds like a good match for LLM training/prompting...
TiredGuy
Sounds like it might be a good web-scraping project for a civic-minded group or individual: scrape the sites, unify and organize them into something more approachable and discoverable.

I know in the US we have orgs like Code for America and events like National Day of Civic Hacking. Does the EU have similar groups and events? I wonder if this could be presented to something like that.

arp242
The EU website makes the IBM and HP websites seem user-friendly and easy. I tried engaging with some of the Open Source stuff a few years ago, and I definitely felt like I needed a "European Studies" PhD to be able to navigate all of that.
vanderZwan
TBF, when my former partner explained the system to me, it did feel like a lot of the complexity was inherent to the problem of what the EU as a project is trying to achieve. It is not a trivial problem to solve.

Another issue is basically the legal analogy of how certain difficult programming languages impose a selection bias on who actually is willing to learn it, which then leads to an echo-chamber culture where most people underestimate the issues with the programming language.

orwin
A really good friend of mine created the first version of eur-lex.europa (hopefully it's that one, it was a website for lawyers to find European legislation and case law). He had barely finished his first internship at the time, only had one true web project under his belt (and two weeks of intensive training), and was spectacularly underpaid (not for his nonexistent qualifications, but for the work he did).

I thought he did good work, but I was a student too so maybe I was just impressed with basic stuff (highly likely).

vanderZwan
The worst part is that this is still better than how most governments currently work. At least there is a chance to give feedback.

Also, keep in mind that this is in the context of getting all member states of the EU to agree on something. People kicking up a fuss is the default situation because of conflicting interests between different states.

Make no mistake about how I feel about this though: it's still pretty horrible even with that context in mind. And as graemep pointed out the rest of the quotes on that page will tell you all you need to know about Juncker too.

almostnormal
> People kicking up a fuss is the default situation because of conflicting interests between different states.

In some cases less between the states and more between government and people. The European parliament is elected by the people. But many important matters are defined by the commission consisting of representatives of the member states' governments.

Of course the different governments are also elected. But as part of the commission they can act against the will of the people and later blame the EU.

hutzlibu
I think the worst part is that most governments work like this, but only some can dare to speak about it in the open. Now why could Juncker speak so openly? Probably because he is quite disconnected from the democratic election process ..

I mean, I certainly did not vote for Ursula von der Leyen either.

p_l
Your representatives that you voted into parliament did, however.
lakomen
Von der Leyen is President of the European Council. The parliament had nothing to do with it.

The council is made up of the prime ministers of the EU member countries, which also were not voted for seats in the EC.

Likewise there was no vote on the Lisbon treaty which effectively put the EC above the parliament and outside its jurisdiction.

hutzlibu
How would you know, who I voted for?
bboygravity
Which is relevant to his/her point (about not being able to vote on people directly), because?
softg
She was nominated by the European Council (=Heads of gov't of EU countries) because the EU parliament is a divided mess and the leading parties have no internal cohesion whatsoever. Parties at the European level are disparate coalitions between national parties and MEPs follow the national party line. The decision was made by national governments and rubber-stamped by the parliament.

This is fundamentally different from how a PM is voted in in a traditional parliamentary system, where an MP leads the party during the election process and is elected as PM after a clear victory or negotiations between MPs.

munk-a
Having a prominent MP leader like that is my second least favorite part of parliamentary governments[1]. Politics and governance aren't so simple that one person will ever be found that fairly represents the majority of the populace because the majority of the populace can't agree on multiple things. It's better for the majority of the power in governments to be devolved down to MPs voting on matters with the executive branch just being a formality for PR on the local and international stage - as well as being entrusted with emergency powers if we ever need to get anything done.

We're a people with a wide spectrum of beliefs - we should be represented by a wide spectrum of MPs... never by a single voice.

1. My first being whenever a single party actually wins a majority.

softg
> We're a people with a wide spectrum of beliefs - we should be represented by a wide spectrum of MPs... never by a single voice.

This is a fair statement. I'm not from the EU but I think it's true for basically any society. Also a lot of the dysfunction in the EU is obviously by design and it's supposed to instill cooperation and deliberation between different stakeholders.

Still, in politics "getting things done" is very important, imo much more important than representation because the main job of a government is to govern and a fairly balanced government that fails to govern will lose support very quickly and become unrepresentative/useless. Also if someone can't get things done, others will do it and force their hand, like the case of the election of the EU commission president. Or practically everything the UN does.

The good thing about a government by a single party or a well defined coalition is that you know what they roughly stand for, what they don't stand for, who is for them and who is against. You can support them or vote against them. In an election one side wins. Being an incumbent is difficult so in the next the other side wins, they are supposed to balance each other that way.

What is the alternative of a de facto coalition between the right, center-left and liberals? Which of these is really in power? Who are you going to vote for if you don't like where the things are headed?

Looking at the EU parliament (or the parliaments of many EU countries) the main alternatives are fascism-lite and actual fascism. That's the risk of plethoric supranational governing bodies like the EU or very large coalition governments, they rob people of viable democratic alternatives.

soco
I think you pointed out the defining aspect here. Having many opinions is inefficient but representative. Having one winner is efficient but lopsided. You can't have your cake and eat it, so each society has to decide which way (and revisit the decision over time).
laszlokorte
The „same opinion as“ operator does not distribute over the transitive equality relation
graemep
Wow, a lot of those quotes are damning.
SiempreViernes
Doubt it is a particularly unbiased sample though, so probably not a good idea to draw any strong conclusions from reading it.
belter
“it is a historic mistake to not want to tax at the appropriate levels the profits of multinational companies which act globally and don’t pay the taxes they owe.”

  - Jean-Claude Juncker ...Prime minister of ....Luxembourg
SiempreViernes
Mr LuxLeaks said that eh?

I mean, I'm not saying Juncker is great, just that reading the random collection of quotes on wikiquotes might not be the best way to judge his work.

sirwitti
I'd like to see what the european court of justice will have to say about this, should this actually become law.
rvz
Thank you EU! We absolutely need more surveillance! Been waiting for months [0] for more government control over everything! /s

Really can't wait for more of this! I <3 the EU! /s

[0] https://news.ycombinator.com/item?id=36934200

miohtama
Chat control has intercepted this forum post and flagged you as a terrorist.

Your bank account is now frozen.

Please report at your local police station tomorrow at 10am.

runnedrun
Does anyone know what the supposed benefits are for this kind of bill? Are proponents overtly advocating for increased surveillance ability?
throw_a_grenade
EU bureaucrats are annoyed that ~100% of the trust decisions are made outside the EU (given that the majority of browsers and the trust stores like Microsoft, Android, Java etc. are operated from the US). They see it as an issue about the third part of the security triad of confidentiality, integrity and availability. In short, they fear that an EU company can theoretically be put out of business on a whim of a US entity which is unaccountable to EU people (by revoking the cert in case of e-commerce, or trust bits in case of a CA, or "TSP" as it's called in eIDAS). Hence the prohibition from distrusting certs unless ETSI (which is accountable to EU people) agrees.

Most of the commenters here miss the point, because they concentrate on confidentiality and integrity (cf. any post about MITM). They are of course correct that this creates the capability to intercept TLS connections. They still miss the point that EU bureaucrats see it as a reasonable tradeoff (which I don't think it is, but that's their POV).

hannob
A key idea behind all of this is to sell "qualified certificates". Which is another way of saying "expensive certificates".

In the past, CAs sold EV certificates which gave you a nice green look in the browser bar and no security advantage (arguably security downsides, because you cannot automate it). That was good business, until browsers decided that this makes no sense and scrapped any special treatment for EV certificates.

The "qualified certificates" by the EU are essentially EV with a new name.

johnfonesca
>Which is another way of saying "expensive certificates".

True, basically eIDAS is a cartel. With the help of EU legislation, some Certification Authorities banded together and are now saying that certificates emitted by anyone but them are not good. And obviously they fully control the pricing for the "good" certificates.

sofixa
> True, basically eIDAS is a cartel. With the help of EU legislation, some Certification Authorities banded together and are now saying that certificates emitted by anyone but them are not good

For very specific needs like electronic signatures, "seals" and an interesting one I hadn't heard before, timestamping (proving that an electronic document has existed at that timestamp), not for general computing.

Also, considering Bulgaria has 5 CAs on the official list, with 2 others as potential, the claims of a shady cartel of "big Cert" being behind this are laughable.

mananaysiempre
Scott Helme had a similar take back in 2022[1].

[1] https://scotthelme.co.uk/looks-like-a-duck-swims-like-a-duck...

isilofi
I suppose this is the first step towards a stricter kind of the German "Impressumspflicht". Currently, if you are operating a website in any kind of (even most remotely) commercial function, you need an imprint. Lacking one, you get nasty expensive letters from lawyers and courts. At the moment, this imprint is just a text on your website.

With certificates from a government CA containing your name, address and maybe other data like tax ID, the certificate becomes that imprint, digitally signed and hard to fake. So I guess the next step after this directive is in place will be to require such government certificates for all European websites instead of the usual domain-validated WebCA ones. For a modest fee going into the pockets of some government cronies, of course.

g_p
I believe that the stated/claimed intent is to create cross-country, bloc-wide digital signature interoperability and acceptance standards. The theory being that you can "digitally sign" things with a national ID (e.g. a smart card), and have that recognised anywhere in the EU. That would, in theory, help to reduce and simplify bureaucracy, especially for people moving between countries in the EU (a process which can be quite complex even with freedom of movement, due to totally different cultural norms around government systems, forms, languages, etc.)

Something better than typing your name and trusting a third party to do email verification for a digital signature certainly sounds like it could have advantages for doing business though.

I believe the issues identified here seem to stem from a (very) over-enthusiastic desire to have certificate acceptance everywhere (i.e. prevent discriminating against one country's citizens by excluding their ID card CA), without understanding the different types of trust chains and certificate chains. Presumably scattered with a bit of technical naivety as well. The concept itself is (probably?) fine, as long as it doesn't try to force browsers or SSL verifiers to accept or trust certificates they don't want to.

jruohonen
Indeed: the goals are justifiable and very much welcome, in my opinion. Yet, I do not understand what CAs and the global TLS/PKI ecosystem have to do with the goals.
Jensson
> Yet, I do not understand what CAs and the global TLS/PKI ecosystem have to do with the goals.

Technically that is also digital signing. The regulators probably thought that all kinds of digital signing should be included in this bill and just slapped something down for browsers while they were at it.

g_p
My guess is that someone saw the value (rightly) in being able to do "good" digital signatures on the web (better than docusign in terms of integrity/proof), and that meant (in their head) those certificates have to work in the web browser.

Which, if you don't understand web trust and PKI, means a bit of searching online will tell you that you need your browser to trust the CAs you use for digital signatures.

Which is of course not true - you can (and should) present an "untrusted" (i.e. not a server authentication) certificate as your client certificate or for signatures, as there's different trust bits and use-cases for different kinds of certificates.

galadran
Title should probably be: "Last Chance to fix eIDAS: Secret EU law threatens Internet security"
Maxion
The Secret Law bit is quite clickbaity.
verisimi
Lololol

"We need to be able to break security so we can see all your data, to keep you safe! Terrorists! Child abuse!"

"hmm yeah, but who's going to keep me safe from you?"

matthews2
How will this be enforced? If Mozilla or Google added some hard coded certificate into a new browser version, what if a distribution like Debian patched it out? Or if a user can delete it from the certificate stores themselves?
g-b-r
the law can be interpreted as making it illegal, even for end users (it deals with "web-browsers", not "web browser vendors")
subbz
Unfortunately the whole world population is addicted to ~5 sites/apps on the web who will play the game.

If Debian patches this out, you won't be able to access those sites. That's a living edge case for them.

jonathanstrange
I think the right way of dealing with this is to have a button to switch between secure mode and insecure/government mode.
supriyo-biswas
People get very hung up on what people can technically do, but the domains of the browser or OS that don’t follow these rules will simply be blocked at the DNS level so that you can’t download them any more. The relevant entities such as companies developing or using said non-compliant projects will be fined, and any natural persons jailed outright, à la Stallman’s The Right To Read.
execveat
You can't block a browser at the DNS level.
supriyo-biswas
I meant domains offering downloads of the non-compliant browser/OS; updated. Thanks!
calgoo
So what happens to open source browsers? Will they be forced to implement it? Are the governments going to audit the code to make sure no one is releasing a version that has removed the government certs or are they going to outlaw open source browsers?

Again, this is not going to catch anyone with half a braincell that is trying to do something. This is just going to catch everyone else.

I wonder if this will tie into the BS that Google was trying to implement that would make it impossible to modify the webpage using adblockers etc. making it so you can't navigate the web if you are using an uncertified browser.

supriyo-biswas
> I wonder if this will tie into the BS that Google was trying to implement that would make it impossible to modify the webpage using adblocker

Very likely, yes. Also note that a similar client-side CSAM scanning feature was rolled out by Apple with a similar anticipation, and shortly after we saw the proposal of Chatcontrol and the like.

> So what happens to open source browsers?

See my other comment on the same thread[1].

[1] https://news.ycombinator.com/item?id=38110667

fuoqi
If certificates issued by those CAs will be tied to independent (from EU) certificate transparency (CT) services and to specific national top-level domains, then I am completely fine with this. After a big number of websites in Russia (including the biggest bank in the country) have effectively lost access to the CA infrastructure used by commonly used browsers, I don't think any honest person can say that the current status quo is robust enough. So it looks like EU simply hedges against this potential infrastructure risk.

To mitigate the MitM risk I believe that CT and limiting CA to specific top-level domains (so a hypothetical RU CA would not be able to issue certificates for .eu or .com) should be sufficient.

eps
Re: Russia - SberBank, which is used by the vast majority of population, voluntarily switched to a new Russian government-controlled CA. This move aimed to coerce people to install this CA's cert under false premises and to let the state splice https if needs be. The goal was bloody obvious and it has never been about the "robustness" of infrastructure. They just want to take away people's Internet privacy.
fuoqi
I hope you are simply not familiar with the situation and not FUDing around.

The "false premise" was that GlobalSign has refused to issue new certificates for Sberbank and there were several cases of CAs revoking existing certificates. They eventually have found a CA (Harica DV) which was willing to issue new certificates, but it was not clear at the time that such a CA would be found, and the new certificates can be revoked at any moment after a new wave of sanctions or simply after a strongly worded warning from Washington or Brussels. Relying on a relatively minor Greek CA for bank operations is clearly not a good strategy in their situation.

Jensson
There is nothing there that says every service must use specific certificates, just that browsers should accept certain ones. So this in no way breaks encryption for apps that care, this only reduces security on apps that want to reduce security.

For example, if you use private "e2echat.com" it can still use safe certs and be safe, the risk is only that "governmentchat.com" will use bad certs, which was already a risk.

isilofi
There is no way for e2echat.com to make sure that the client will insist on a certain safe CA. Sure, in case e2echat.com controls all clients this would be possible, but this is a rare case.

In the general case, any CA can sign any website certificate. So all those new government CAs can sign all the man-in-the-middle certificates they like, and browsers are obliged to accept them. Nothing the website can do about that.

There are ways to pin certain CAs via DNSSEC and TLSA resource records in DNS. But browsers ignore those, and even if they didn't, the same EU proposal also specifies government DNS manipulation.

So the gist is: EIDAS must die.

Jensson
You still won't be able to break the end to end encryption of a site. You can only intercept traffic that the server can read, you can't intercept traffic that is encrypted end to end.

And if the site can see your data assume the government can see it as well, they can get it with a warrant.

isilofi
Website-based end-to-end encryption isn't usually. In most cases, the "e2e-encrypting" website will deliver the Javascript that does the "e2e-encryption", which can easily be manipulated to provide a copy of all messages to some convenient third location.

A warrant will maybe warn the site and the user that something is going on.

A man-in-the-middle attack without a warrant delivered to either party is more likely to go undetected.

Jensson
> which can easily be manipulated to provide a copy of all messages to some convenient third location.

Updating others' javascript as a proxy isn't "easily".

Also if the government goes all this way to tell each internet provider to spy on people, why do you think they couldn't tell certificate authorities to spy on people? It is the same level. I wouldn't be surprised if many CAs in the USA already do this.

isilofi
It is "easily", because current commercially available "firewall" appliances include that kind of capabilities. Just a few clicks, install a CA certificate, add a logging endpoint, done. Certain regulated industries like finance and medicine are required to use those. All chats are instantly intercepted and logged.

And the way to spy on people via a certificate authority is exactly as described, you get a CA that signs your man-in-the-middle certificate for a website you do not own. Then you MitM that traffic using that certificate, while still getting a green "lock" icon.

With current WebCA certificates, certificate transparency does help a little to detect such MitM certificates, and some CAs have actually been caught red-handed. There are processes to punish or remove such CAs. However, this law would also prevent such actions, thus making it impossible to prevent any future malfeasant CAs.

About an example MitM certificate case and removal, see the DigiNotar case: https://blog.mozilla.org/security/2011/08/29/fraudulent-goog...

For more about how certificate transparency works see http://nil.lcs.mit.edu/6.824/2020/papers/ct-faq.txt

Jensson
Maybe browsers shouldn't hardcode those things? If they let you blacklist CAs you could do that yourself or via a plugin. There is nothing preventing browsers from implementing that, and have a one click button "don't trust compromised CAs". Could even have that during install as a toggle, would satisfy every legal requirement.

If this means users get more power over what CAs to trust then that is a good thing.

nulld3v
> If this means users get more power over what CAs to trust then that is a good thing.

Do you really think your average user is going to go into the browser and manually distrust root CAs? We have learned again and again that good security is "secure by default", not "secure after arcane configuration".

isilofi
You can manually distrust hardcoded CAs in all common browsers. But even now, this is rarely used because it is tedious, there are roughly a hundred active CAs.

And depending on how that law will be interpreted by courts, manually distrusting might be considered illegal.

Jensson
> manually distrusting might be considered illegal

It is just a display change, all the law says is:

"For those purposes web-browsers shall ensure that the identity data provided using any of the methods is displayed in a user friendly manner."

I don't see how adding a warning icon or block icon instead of the lock would be banned. To me it seems like so much here is based on baseless assumptions.

isilofi
No, manually distrusting will probably be considered illegal. "Browsers shall ensure", no exceptions: https://news.ycombinator.com/item?id=38109691

I would also urge you to refrain from using terminology such as "baseless assumptions" when your own assumptions are so easily refuted by directly reading the text of the proposal.

mjan22640
I as a user decide what is user friendly to me.
g-b-r
to me at this point it seems like you're trying to defend this law a-priori...
g-b-r
Oh yeah if encryption is broken only for browsers no big deal right
Jensson
Governments still can't see your requests to servers under normal circumstances with this law.

The weakness is only if someone controls your internet connection and can use a compromised certification process to trick you into thinking you are at "e2e.com" when you are on another site, and in those cases the only difference from now is that your browser will display "secure" instead of "invalid cert". There is no other difference.

So to orchestrate an attack they would need to build a webapp that is sufficiently similar for you not to notice, take over your internet connection and break the certification process.

g-b-r
> the only difference from now is that your browser will display "secure" instead of "invalid cert". There is no other difference.

Oh that's SUCH an insignificant difference!!!

> So to orchestrate an attack they would need to build a webapp that is sufficiently similar for you not to notice, take over your internet connection and break the certification process.

You can simply relay the requests to the original site/"webapp", no need to build one similar

Jensson
> You can simply relay the requests to the original site/"webapp", no need to build one similar

Doesn't work if the app encrypts messages locally, so end to end encryption is still valid with this.

g-b-r
We're talking about normal browsing, not webapps performing their encryption
isilofi
Webapps are also vulnerable because the Javascript can be manipulated in a MitM attack.

The only way around this would be a "real" app.

g-b-r
True
calgoo
"The weakness is only if someone controls your internet connection and can use a compromised certification process to trick you into thinking you are at e2e.com"

That will be (or already is) done at ISP level. It will probably be fully automated, where they just put a court order number into a form, and it automatically just catches all your traffic in gear that's installed at the ISP.

Jensson
It is only undetectable if the site actually uses the vulnerable certificates. Otherwise you can see that the government is spying on you since the browser tells you what certificate it got (Telling you what certificate was used is a part of eIDAS). There is no way the government will replace certificates like that on an automated basis, it is too easy for people to notice and make a big deal about.
g-b-r
There's probably at most one person every ten millions who uses add-ons displaying each connection's certificate authority; and even them will likely not notice anything if it's only done to them occasionally (not to mention that absolutely no one checks the connections used to download third-party stuff, to my knowledge).
Jensson
Yes, because CA level attacks are basically nonexistent and not a very big deal since they require you to control the target's internet connection.

The moment people learn that the US government could control a CA and your internet provider to spy on you maybe that will change. But as is people think it is too much work for governments to bother with it.

g-b-r
> Yes, because CA level attacks are basically nonexistent and not a very big deal.

I'd call that bs, CA level attacks are very unlikely to be detected, so we know little about their prevalence.

(you edited your comment to add... that it requires you to control the targets internet connection?? And "the moment people learn that thenUS government could control (a CA) and your internet provider to spy on you maybe that will change With tls becoming ubiquitous they're now indispensable

g-b-r
ops I guess I destroyed my comment by mistake, and I can't edit it anymore...

It originally was

* I'd call that bs, CA level attacks are very unlikely to be detected, so we know little about their prevalence.

With tls becoming ubiquitous they're now indispensable*

supriyo-biswas
If a nonprofit like Let’s Encrypt can perform automated certificate renewal with a few API calls, so can the government.

Also, MITMs are a thing and getting the EIDAS certs in the root store will show that the certs in question are trusted, which is all that really matters because there is no way for users to know what certificates were actually installed by the website owner.

Jensson
That has nothing to do with this, I don't think you understand this vulnerability. You can see which certificate authority issued the cert, so you can see if suddenly the site started using a vulnerable cert provider and thus know that it is compromised. Note that the same attack is possible right now, the only difference is how your browser displays it, you can just install a plugin to get back the original behavior if you want. So this in no way prevents you from secure browsing.

TLDR: If you are worried about security you can always install a plugin to get back the old behavior. This just says that browsers should be able to trust them, not that you have to configure your browser to trust them.

g-b-r
First, few people would know that they should install a plugin, second, since the laws says that browsers "shall ensure", there's a good chance that they would be forced to try to block these plugins
supriyo-biswas
CA changes can happen due to many legitimate reasons. Pinning certificates in this way doesn't scale, as we saw with the deprecation of HPKP.
Jensson
All you need is a list of trusted CAs, like we do right now, and then issue a warning if it isn't on that list. It is a very simple plugin to make.
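As an added illustration of the plugin Jensson sketches here (and of the "the browser tells you which CA issued the cert" point a few comments up), the following is example code written for this thread, not code from any browser vendor or from the commenters. It takes the SecurityInfo object that Firefox's `browser.webRequest.getSecurityInfo()` returns inside a blocking `onHeadersReceived` listener (field names `state`, `certificates`, `fingerprint.sha256`, `isBuiltInRoot`, `certificateTransparencyStatus` are Firefox's), and applies a local distrust list, a Certificate Transparency requirement, a "root is not in the built-in store" check (which is how an interception appliance's CA shows up), and trust-on-first-use issuer pinning. The policy values, fingerprints and sample chains are constructed; nothing here is a real certificate.

```javascript
"use strict";

// Local policy, hypothetical values: roots to refuse even though the store
// trusts them, and whether Certificate Transparency compliance is required.
const policy = {
  distrustedRootSha256: new Set([
    "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:" +
    "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11",
  ]),
  requireCertificateTransparency: true,
};

// Trust-on-first-use memory: host -> issuer DN of the leaf seen first.
// A real extension would persist this in browser.storage.
const seenIssuers = new Map();

// Pure check over a Firefox-style SecurityInfo object. Returns a verdict
// ("ok", "warn" or "block") plus human-readable findings.
function classifyConnection(host, info, pol, seen) {
  const chain = info.certificates || [];
  if (chain.length === 0) {
    return { verdict: "block", findings: ["no certificate chain available"] };
  }
  const leaf = chain[0];                 // server certificate
  const root = chain[chain.length - 1];  // trust anchor the browser used
  const findings = [];

  if (info.state !== "secure") {
    findings.push(`TLS state is "${info.state}"`);
  }
  const rootDistrusted = pol.distrustedRootSha256.has(root.fingerprint.sha256);
  if (rootDistrusted) {
    findings.push(`root "${root.subject}" is on the local distrust list`);
  }
  // A root outside the browser's built-in store was installed locally.
  if (!root.isBuiltInRoot) {
    findings.push(`root "${root.subject}" is not a built-in root`);
  }
  if (pol.requireCertificateTransparency &&
      info.certificateTransparencyStatus !== "policy_compliant") {
    findings.push(`certificate transparency: ${info.certificateTransparencyStatus}`);
  }
  // Issuer pinning by first use: a silent switch to another CA is the signal;
  // note that it also fires on a legitimate CA change.
  const previous = seen.get(host);
  if (previous === undefined) {
    seen.set(host, leaf.issuer);
  } else if (previous !== leaf.issuer) {
    findings.push(`issuer changed from "${previous}" to "${leaf.issuer}"`);
  }

  let verdict = findings.length === 0 ? "ok" : "warn";
  if (rootDistrusted) verdict = "block";
  return { verdict, findings };
}

// Constructed SecurityInfo samples (not real certificates or fingerprints).
function sampleInfo({ issuer, rootSha256, builtIn, ct }) {
  const rootDn = "CN=Sample Root CA";
  return {
    state: "secure",
    certificateTransparencyStatus: ct,
    certificates: [
      { subject: "CN=e2echat.com", issuer, fingerprint: { sha256: "AA:AA:AA:AA" }, isBuiltInRoot: false },
      { subject: issuer, issuer: rootDn, fingerprint: { sha256: "BB:BB:BB:BB" }, isBuiltInRoot: false },
      { subject: rootDn, issuer: rootDn, fingerprint: { sha256: rootSha256 }, isBuiltInRoot: builtIn },
    ],
  };
}

const GOOD_ROOT = "22:22:22:22:22:22:22:22:22:22:22:22:22:22:22:22:" +
                  "22:22:22:22:22:22:22:22:22:22:22:22:22:22:22:22";
const BAD_ROOT = [...policy.distrustedRootSha256][0];

const SAMPLES = [
  sampleInfo({ issuer: "CN=Sample Issuing CA 1", rootSha256: GOOD_ROOT, builtIn: true, ct: "policy_compliant" }),
  sampleInfo({ issuer: "CN=Sample Issuing CA 2", rootSha256: GOOD_ROOT, builtIn: true, ct: "policy_compliant" }),
  sampleInfo({ issuer: "CN=Proxy Issuing CA", rootSha256: GOOD_ROOT, builtIn: false, ct: "not_applicable" }),
  sampleInfo({ issuer: "CN=Sample Issuing CA 1", rootSha256: BAD_ROOT, builtIn: true, ct: "policy_compliant" }),
];

// Runs the four samples as successive visits to one host; returns the verdicts.
function demo() {
  const seen = new Map();
  return SAMPLES.map((info) => classifyConnection("e2echat.com", info, policy, seen).verdict);
}

// WebExtension glue (Firefox; needs the "webRequest", "webRequestBlocking" and
// host permissions). getSecurityInfo only works in a blocking onHeadersReceived listener.
if (typeof browser !== "undefined" && browser.webRequest) {
  browser.webRequest.onHeadersReceived.addListener(
    async (details) => {
      const info = await browser.webRequest.getSecurityInfo(details.requestId, { certificateChain: true });
      const result = classifyConnection(new URL(details.url).hostname, info, policy, seenIssuers);
      if (result.verdict !== "ok") console.warn(details.url, result.findings);
      return result.verdict === "block" ? { cancel: true } : {};
    },
    { urls: ["https://*/*"] },
    ["blocking"]
  );
}

console.log(demo());
```

Run under Node it prints the verdicts for the four constructed visits (first visit ok, CA switch warns, locally installed root warns, distrusted root blocks); loaded as a Firefox extension the same function runs on every HTTPS response. The first-use pin is the part that does not scale, for exactly the reason given in the reply about HPKP: a legitimate CA change looks identical to a hostile one, so the warning can only say "something changed", not "you are being intercepted".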
g-b-r
These certificate authorities will also issue legitimate certificates btw, the regulation explicitly encourages local states to use them for their services
no_time
If "e2echat.com" has no method to explicitly forbid your browser from accepting eIDAS certs (via a DNS record or something) then your browser will just blindly accept the compromised cert when attacked.

This is still very bad.

gallexme
Wouldn't a client certificate from e2echat protect against that kind of attack? Since even when a man in the middle offers you a server cert you accept, the e2echat servers can't validate the client certificate from you anymore

(Still bad but would at least protect connections from ever talking to e2echats servers)

Filligree
Nobody uses client certs.
Jensson
> This is still very bad.

Yes, potentially, but it isn't "another kind of chat control".

no_time
Luckily, I never said anything like this anywhere.
raverbashing
Yes, I agree. The crying wolf is too much sometimes.

Accepting certificates from a given issuer does not give the issuer the right to impersonate others

g-b-r
All root CAs can issue certificates for any site (except those with CAA records etc.)
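The "except those with CAA records" qualifier above is worth making concrete, so here is an added example (written for this thread, not taken from the regulation, any CA or any commenter) of the RFC 8659 check a CA performs before issuing: strip a leading `*.`, climb the name towards the root until a non-empty CAA RRset is found, refuse if a critical record carries an unknown tag, then consult `issue` (or `issuewild` for wildcard names) for the CA's own domain. The zone data, CA domains and hostnames are constructed. The point the thread is circling is visible in where this code runs: only the CA consults it, at issuance time. A browser validating a served chain never looks at CAA, so a CA that ignores the record, or is compelled to, is not stopped by it.

```javascript
"use strict";

// Constructed zone data (not real DNS): name -> CAA records {flags, tag, value}.
// flags 128 is the "issuer critical" bit (RFC 8659 section 4.1).
const ZONE = {
  "example.eu": [
    { flags: 0, tag: "issue", value: "ca-one.example" },
    { flags: 0, tag: "issuewild", value: ";" },              // no wildcard certs at all
    { flags: 0, tag: "iodef", value: "mailto:security@example.eu" },
  ],
  "locked.example.eu": [{ flags: 0, tag: "issue", value: ";" }],      // nobody may issue
  "strict.example.eu": [{ flags: 128, tag: "futuretag", value: "x" }], // critical, unknown
};

const lookupCaa = (name) => ZONE[name] || [];

// RFC 8659 section 3: strip a leading "*." and climb towards the root; the
// first non-empty CAA RRset found is the relevant one for the name.
function relevantRecordSet(fqdn, lookup) {
  const labels = fqdn.replace(/^\*\./, "").replace(/\.$/, "").split(".");
  for (let i = 0; i < labels.length; i++) {
    const rrs = lookup(labels.slice(i).join("."));
    if (rrs.length > 0) return rrs;
  }
  return [];
}

// Property value is "issuer-domain-name [; key=value ...]"; a bare ";" names nobody.
function issuerDomainOf(value) {
  return value.split(";")[0].trim().toLowerCase();
}

const KNOWN_TAGS = new Set(["issue", "issuewild", "iodef"]);

// The decision a CA takes before issuing for fqdn when its CAA identity is caDomain.
function caaAllowsIssuance(fqdn, caDomain, lookup) {
  const wildcard = fqdn.startsWith("*.");
  const rrs = relevantRecordSet(fqdn, lookup);

  // A critical record whose tag the CA does not understand forbids issuance.
  if (rrs.some((r) => (r.flags & 128) !== 0 && !KNOWN_TAGS.has(r.tag.toLowerCase()))) {
    return { allowed: false, reason: "critical property not understood" };
  }

  // Wildcard requests are governed by issuewild when any exist, otherwise by issue.
  let governing = rrs.filter((r) => r.tag.toLowerCase() === "issue");
  if (wildcard) {
    const iw = rrs.filter((r) => r.tag.toLowerCase() === "issuewild");
    if (iw.length > 0) governing = iw;
  }
  if (governing.length === 0) {
    return { allowed: true, reason: "no issue/issuewild property restricts issuance" };
  }
  const listed = governing.some((r) => issuerDomainOf(r.value) === caDomain.toLowerCase());
  return { allowed: listed, reason: listed ? "issuer listed" : "issuer not listed" };
}

// Six constructed issuance requests against the zone above.
function demo() {
  const cases = [
    ["www.example.eu", "ca-one.example"],     // inherited from example.eu: allowed
    ["www.example.eu", "rogue-ca.example"],   // not listed: refused by an honest CA
    ["*.example.eu", "ca-one.example"],       // issuewild ";" overrides issue: refused
    ["locked.example.eu", "ca-one.example"],  // issue ";": refused
    ["strict.example.eu", "ca-one.example"],  // critical unknown tag: refused
    ["unrelated.example", "rogue-ca.example"],// no CAA anywhere: allowed
  ];
  return cases.map(([fqdn, ca]) => {
    const r = caaAllowsIssuance(fqdn, ca, lookupCaa);
    return `${fqdn} by ${ca}: ${r.allowed} (${r.reason})`;
  });
}

console.log(demo().join("\n"));
```

Note what the second case shows: `rogue-ca.example` is refused only because it runs this check against itself. The browser receiving a certificate that such a CA issued anyway has no CAA data in hand and validates the chain purely against its root store, which is why CAA limits honest CAs and not the scenario the thread is worried about.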
g-b-r
It's another side of the efforts of going around encryption, chat control deals with communication services, this one with browsers
Jensson
But this doesn't force browsers and sites to use weak encryption. It is very different.
g-b-r
This forces browsers to accept all the CAs approved by the EU states, and you can be certain that some of them will be used for decrypting (and if needed modifying) the traffic
Jensson
And then you can just tell the browser to not trust those CAs and you are safe. This is nothing like "chat control". This only lets the government spy on people who don't care if the government spies on them.
yaris
IIRC one cannot tell the browser to not trust root CAs, that's why all the fuss.
Jensson
Why shouldn't you be able to do that? Seems like a simple thing to implement. I get why they want a hardcoded list, but I don't get why you can't add a way to block parts of that hardcoded list.
g-b-r
web-browsers shall ensure
Jensson
The only requirement is that browsers display the data. The browser can add "warning, this certificate is potentially compromised" when it displays it, nothing in the current document says browsers aren't allowed to say that, just that the browser has to be aware of the certificate.

It is similar to how Chrome displays a warning when you visit some sites. You can visit the site anyway, but you get a warning since Google thinks it is bad.

g-b-r
Even without the 45 (2a), displayed in a user-friendly manner could already be interpreted to prevent prominent warnings
agwa
It's not clear that a warning would be allowed. In particular, the new paragraph 45(2a) prohibits mandatory checks on eIDAS certificates.

Mozilla has proposed text[1] that would make clear that the requirement is only to display identity information, but this text has not been adopted.

[1] https://securityriskahead.eu/wp-content/uploads/2023/09/Mozi...

yaris
Technically correct. But if Firefox displays a big red warning when someone's grandma goes to her favourite recipe website, and Safari (or Chrome) just displays the website to grandma (and to the officer on duty, but who cares) - how long will Firefox survive?
pxeger1
I'm assuming this is another… misguided… attempt by the security services to make their jobs easier. The grip that intelligence communities apparently have on our governments is ridiculous. Why do they have such influence?
nvm0n2
Probably not really. The EU itself (at the Brussels level) doesn't have much of an intelligence apparatus. One exists but it's small and weak compared to the likes of the NSA. The most capable was GCHQ but of course that's no longer a part of the EU.

The EU likes passing internet related legislation because of:

1. The politics of it. It involves the raw exercise of power over people who are easily bullied and that they don't like much, namely successful American companies. The EU loves passing extra-territorial laws and seeing people jump, it makes them feel like a big power bloc which is the whole aim of the EU project to begin with.

2. The revenue from it. Tech companies either fight or they try to obey, but the laws are vague and easily reinterpreted. This yields massive fines which go straight into the EU coffers, money which is then spent on purchasing loyalty both of the elected political elites (via post-election-loss sinecures and enormous "pensions" that start being paid out long before retirement), and the population itself (via EU branded projects and grants).

3. The unaccountability of it. EU law is created by the Commission which does whatever it wants. By treaty it is accountable to nothing except itself and it is the highest power in Europe. In that situation why not spend all your time on easily achieved upper-class luxury agenda items like internet regulation, which feels futuristic and cool, instead of messy stuff that bothers the regular citizens like illegal immigration, where you don't want to do it and failure comes easy?

That's why there's a constant flood of tech-related regulation coming from the EU. Seeing this specific act in isolation is a mistake, it's just the continuation of a long term trend.

alphager
Laws are not created by the commission. Laws can be proposed by the commission, but must pass a unanimous vote by the council (made up of a representative of the government of every country) and pass a qualified majority vote in the EU parliament.
nvm0n2
The council also uses qualified majority voting and has done for nearly a decade.

The Commission is the sole source of legislation. The Council cannot change EU law against the will of the Commission, so in practice it's a rubber stamp body that just always votes yes to everything.

This is what I'm saying in another comment: HN is flooded with incorrect claims about how the EU actually works, always in the direction of making it sound more accountable than it actually is.

supriyo-biswas
It's intriguing to observe this phenomenon on HN where any posts critical of the EU will get downvoted, even though it is natural for any country or bloc to try various means to show or enforce its power.

And before someone says otherwise, I’ve seen this playing out hundreds of times.

midasuni
The post was typical anti gov tin foil hat nonsense. You see the same types of posts from people who like camping out on compounds in the mid west complaining about “the feds”
supriyo-biswas
There is nothing about protectionism or a government flexing its power that can be construed as "tin foil hat nonsense" though.
nvm0n2
Eurosceptics aren't welcome here and will usually give up rather than burn karma and get throttled.

If you spend time in central Europe you'll see why this occurs. Some people have incorporated the EU institutions into their personal identity. People will call themselves European Citizens although the EU doesn't grant citizenship. Businesses will be called Euro-this or Euro-that for no obvious reason. You can catch the Eurobus to go ride the rollercoasters at the Europa Park then meet their famous mascot Ed Euromouse. This stuff is everywhere.

And in some ways, it is understandable. The 20th century was wracked by wars between different European empires or countries. The assumption at the core of this movement is that if everyone has the same social identity and is ruled by the same government, then everyone will hold hands and there will be peace on Earth. Or at least that bit of it.

But you can't force unity on people. It has to develop naturally, through shared experiences and cultures. Unfortunately the vision is so enticing that the political and credentialed classes in these countries don't want to wait, and so attempt to enforce it from the top down via schemes that eliminate democracy in favor of power transfers towards the Right Sort Of People, the type who "get it" and who can then rule unchecked without needing to answer to electorates. This is deeply corrupting, but because it's an identity issue when this is pointed out people feel their personal identity and whole progress story is under attack.

Jensson
It got downvoted since it says this regulation isn't made to spy on people. People want to believe it was made for a sinister purpose and not just due to naivete.

If you look around you see plenty of people that get upvoted and are critical of EU, so that isn't it.

supriyo-biswas
We had a recent MITM on jabber.ru[1] conducted by Germany, an EU state, that was only detected because they failed to renew the MITM cert. I have no reason to believe making this easier isn't one of the goals of EIDAS.

[1] https://notes.valdikss.org.ru/jabber.ru-mitm/

chmod775
How can you make this any easier? The ergonomics of letsencrypt are probably better than anything the EU could come up with.

Fair chance they'll just keep using letsencrypt.

midasuni
The EU commissioners are appointed by the EU heads of state (one each) and subject to confirmation from Parliament (congress). Somewhat analogous to the US exec branch.

The commission President is proposed by the council (the heads of states) and appointed by parliament.

I’m not aware of the EU arresting random US citizens for breaking laws like the gdpr, you’re thinking of America and the DMCA

nvm0n2
That's what they claim, but in reality the President of the Commission rejects any Commissioner they don't like. This isn't meant to happen but eventually Juncker admitted that he did it all the time, and that this was considered normal.

So the Commissioners are in reality selected by the President.

This problem appears in every HN thread about the EU or its activities. People argue that it's a legitimate democratic structure based on how its treaties say it works, but the treaties aren't followed.

derelicta
Western security services are what we call secret police in other parts of the world. Its goal is to protect the local status quo. That's it, and that's why it can assert so much influence.
kossTKR
This is one of the most important and least talked about power dynamics.

This is because that world is hidden to most people but would have just 20 years ago been covered by classical research journalism, namely the intersections between power, fiscal policy, law, the security state, foreign policy and mass media or other systems of control.

Politics and policy making is downstream from mostly non public clubs of people. Become a part of the security apparatus to gain power and draft plans for whole regions of the world and the future of society. The rest of us get to see their own self branding in Hollywood romanticizations and ideological "event driven" smokescreens that cover the realpolitical battles of power and resources that actually drive history.

That way the masses end up seeing the good fights for "Democracy", "Child safety", "Necessary financial bailouts" or "Primitive stupid people in X country need intervention" while these are all covering a big old game of Risk or Civilization ie. resource plundering, land grabs, violent exploitation of foreign markets, siphoning of wealth from the masses to the few, and panopticon-level systems of control implemented to keep dissent and enlightenment about these facts as much in the dark as possible.

There's a reason the richest European families already took an interest in controlling the emerging postal services several hundred years ago, just like early pamphlet media, but somehow these very old facts have been so memoryholed everyone thinks we live in a somewhat meritocratic or even democratic society these days.

judiisis
India is also preparing legislation for OS and browser having their CA, they also launched their own web browser challenge https://iwbdc.in/ . They were earlier removed due to unauthorised issuances https://pkic.org/2014/07/24/in-the-wake-of-unauthorized-cert...
jruohonen
From:

https://data.consilium.europa.eu/doc/document/ST-14959-2022-...

Article 45(2): "Qualified certificates for website authentication referred to in paragraph 1 shall be recognised by web-browsers. For those purposes web-browsers shall ensure that the identity data provided using any of the methods is displayed in a user friendly manner. Web-browsers shall ensure support and interoperability with qualified certificates for website authentication referred to in paragraph 1, with the exception of enterprises, considered to be microenterprises and small enterprises in accordance with Commission Recommendation 2003/361/EC in the first 5 years of operating as providers of web-browsing services."

Article 45a(3): "A qualified electronic attestation of attributes issued in one Member State shall be recognised as a qualified electronic attestation of attributes in any other Member State".

Article 45a(4): "An attestation of attributes issued by or on behalf of a public sector body responsible for an authentic source shall be recognised as an attestation of attributes issued by or on behalf of a public sector body responsible for an authentic source in all Member States."

agwa
That text is almost a year old. The recent trilogue negotiations added paragraph 45(2a) which is not public yet (hence the complaints about secrecy) but is alluded to in the open letter (https://eidas-open-letter.org):

> The proposed legislation also prevents the introduction of security checks when verifying the certificates used for encrypted web traffic in Art 45, (2a). As written, this language requires that the EU’s website certificates not be subjected to any mandatory requirements beyond those specified in ETSI standards.

This is awful, as it would forbid browsers from requiring Certificate Transparency, or banning a weak hash algorithm (like SHA-1), or requiring post-quantum keys unless the EU agrees to it.

jruohonen
Oh dear, shooting oneself in the foot once again.

Fortunately, they cannot forbid a natural person from removing any given certificate. If this passes, I am sure we have blacklists and scripts for these in no time.

justinclift
New Firefox plugin: "Disable EU Certs"
Am4TIfIsER0ppos
Soon: "Mozilla removes plugin from website and prevents installation for weakening security"
supriyo-biswas
EU court: serves Mozilla a court order to add the extension to the blocklist.xml file, a global blocklist of all extension IDs that users can’t install.
justinclift
Sure, and thereby begins yet another game of whack-a-mole as people create ever more elaborate workarounds.
g-b-r
and as ever fewer people have the working workaround
mbwgh
I guess this is where client attestation comes into play.
g_p
Or, proliferation of the English (US) or English (UK) versions of browsers, which refuse to (and are not obliged to) include any of these CAs...

I suspect if this ever does play out, it could result in fewer people using "EU spec" browsers, and more people using the international overseas version, thus undermining the entire intention of the policy proposal.

It seems a pretty safe bet no browser maker would ship these CAs to users outside of the EU (and maybe EEA).

jahav
I suspect such versions won't comply with Cyber Resilience Act (=company would be on hook for a fine). Browsers are in category 2 iirc.

Edit: rest of world might be fine (big maybe, these things have a tendency to proliferate), EU citizens... screws are tightening.

mbwgh
That's great if you are not going to be legally and technically required to use these EU spec browsers to be able to access your online banking or any platform registered as doing business in Europe.

The EU is playing the long game here I believe.