undefined | Better HN

0 pointsg-b-r2y ago0 comments

This forces browsers to accept all the CAs approved by the EU states, and you can be certain that some of them will be used for decrypting (and if needed modifying) the traffic

0 comments

Jensson2y ago

And then you can just tell the browser to not trust those CAs and you are safe. This is nothing like "chat control". This only lets the government spy on people who don't care if the government spies on them.

yaris2y ago

IIRC one cannot tell the browser to not trust root CAs, that's why all the fuss.

Jensson2y ago

Why shouldn't you be able to do that? Seems like a simple thing to implement. I get why they want a hardcoded list, but I don't get why you can't add a way to block parts of that hardcoded list.

1 more reply

j / k navigate · click thread line to collapse

0 pointsg-b-r2y ago0 comments

This forces browsers to accept all the CAs approved by the EU states, and you can be certain that some of them will be used for decrypting (and if needed modifying) the traffic

0 comments

Jensson2y ago

yaris2y ago

IIRC one cannot tell the browser to not trust root CAs, that's why all the fuss.

Jensson2y ago

Why shouldn't you be able to do that? Seems like a simple thing to implement. I get why they want a hardcoded list, but I don't get why you can't add a way to block parts of that hardcoded list.

1 more reply

j / k navigate · click thread line to collapse