Michał "rysiek" Woźniak · 🇺🇦 on Nostr: kravietz 🦇 perhaps. Just as in case of ACTA2 there was valid criticism of the ...

kravietz 🦇 (npub1vz5…qdta) perhaps. Just as in case of ACTA2 there was valid criticism of the Copyright Directive regardless of GAFAM campaign, there is valid criticism of certain aspects of the eIDAS directive as it currently stands.

Yes, eIDAS is needed, necessary even. But forcing browsers to add root certs and banning them from managing the risk related to that is dangerous and wrong.
https://www.eff.org/deeplinks/2023/11/article-45-will-roll-back-web-security-12-years

Root CAs can be abused, and have in the past:
https://www.f5.com/labs/articles/threat-intelligence/kazakhstan-attempts-to-mitm-itscitizens