this post was submitted on 02 Nov 2023
347 points (98.3% liked)

Europe

8324 readers
1 users here now

News/Interesting Stories/Beautiful Pictures from Europe πŸ‡ͺπŸ‡Ί

(Current banner: Thunder mountain, Germany, πŸ‡©πŸ‡ͺ ) Feel free to post submissions for banner pictures

Rules

(This list is obviously incomplete, but it will get expanded when necessary)

  1. Be nice to each other (e.g. No direct insults against each other);
  2. No racism, antisemitism, dehumanisation of minorities or glorification of National Socialism allowed;
  3. No posts linking to mis-information funded by foreign states or billionaires.

Also check out !yurop@lemm.ee

founded 1 year ago
MODERATORS
poVoq@slrpnk.net
347
The two faces of the EU (files.catbox.moe)
submitted 10 months ago by Masimatutu@lemm.ee to c/europe@feddit.de
25 comments fedilink hide all child comments
 

post 1

post 2

you are viewing a single comment's thread
view the rest of the comments
[–] Boomkop3@reddthat.com 2 points 10 months ago (2 children)

A quick google finds me a government website explaining eidas and what it's for. By that, I know it's not behind closed doors or undisclosed, nor requiring compromised certificates.

With a quick google, you might find the same. The eu's website, are a reliable source for information about the EU I think

[–] Masimatutu@lemm.ee 5 points 10 months ago (3 children)

You may want to read this: https://last-chance-for-eidas.org/

[–] Boomkop3@reddthat.com 3 points 10 months ago

That's a lot, I'll have a better look this afternoon. Here's my government's website on this feature

https://www.government.nl/topics/online-access-to-public-services-european-economic-area-eidas/everything-you-need-to-know-about-eidas

[–] Boomkop3@reddthat.com -1 points 10 months ago (1 children)

reading further, (summarising) the change is to no longer exclusively trust parties like Google to rule who is and isn't considered trusted online and instead delegates this to EU member states. This does not affect the use of encryption, or a safe dns provider. No worries about your data being recorded.

However, it does stop large organizations like google and Mozilla from abusing their position of authority to harm competitors availability and trust online

[–] Vincent@kbin.social 5 points 10 months ago

It sounds like you made up your mind in advance to support this. Mozilla (and I believe Google too) have a public and rigorous process to determine which certificates to include in their browser, and, importantly, which not too. This new regulation would enable governments to circumvent that process and force browsers to include their certificates, even if those are used to spy on citizens, or are insecure - like the government of Kazakhstan tried to do before. All this using a process without checks and balances.

Also note that parties like Google aren't trusted "exclusively" - you can always switch browsers if you don't trust them. That will no longer be possible with this regulation.

[–] Boomkop3@reddthat.com -2 points 10 months ago (1 children)

also, last-chance-for appears to be from mozilla and worried about article 45. I can recommend reading it for yourself. If there is one thing I learned in recent years its that orgs funded 95% by google might not be the most trustworthy when talking about internet regulations. So I suggest to not take mozilla by their word, cuz without google funding they're dead

here is the legal text if you'd like to read

https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv%3AOJ.L_.2014.257.01.0073.01.ENG

[–] Masimatutu@lemm.ee 5 points 10 months ago* (last edited 10 months ago) (1 children)

If you really don't trust Mozilla I recommend you to directly check out this open letter (which is signed by more than 300 experts).

Edit: fixed link, changed language

[–] Boomkop3@reddthat.com 0 points 10 months ago

Looks like I might have had an old version of the doc. Clicking the link I read this morning I find a 404. After finding it again, I do find a doc where recognize what they're concerned about

[–] Vincent@kbin.social 4 points 10 months ago (1 children)

By that, I know it’s not behind closed doors or undisclosed, nor requiring compromised certificates.

I don't know how you reached that second conclusion from the fact that there's a government website, but as https://last-chance-for-eidas.org/ mentions, it was hidden in plain sight, in that eIDAS wasn't hidden, but the specific consequences were:

Although the deal itself was publicly announced in late June, the announcement doesn’t even mention website certificates, let alone these new provisions. This has made it extremely difficult for civil society, academics and the general public to scrutinize or even be aware of the laws their representatives have signed off on in private meetings.

[–] Boomkop3@reddthat.com -1 points 10 months ago (1 children)

Did you even bother to google? there's announcement pages explaining what eidas will be, and the proposal is easy to understand. I have a hunch this is going the same as the "meme ban" did a couple years back

[–] Vincent@kbin.social 1 points 10 months ago

You said you knew there weren't going to be compromised certificates because there was a government website. But also notice that the kerfuffle is about

New legislative articles, introduced in recent closed-door meetings and not yet public

In other words, these are new additions that are not yet reflected in public documents. This article is also a good explainer.