this post was submitted on 28 Nov 2023
28 points (93.8% liked)
Privacy
31939 readers
521 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Any summary or article, I'm not watching the video
Here's the article from Mozilla explaining their position. There is also this random article from The Record that seems to give a bit more of a detailed explanation from what I skimmed.
Will you be notified and asked permission before the page is loaded?
I mean, even for self-signed/invalid certificates, most browsers allow you to optionally access the page anyway... it'll show some error page first, but it'll allow you to load it if you explicitly request to continue in the error page itself, right? and you'll get an eye-catching red icon indicating the website is untrusted... why can't browsers implement something similar to that? Just use a different icon and a different page/dialog to opt-in on first visit. Something that isn't as strong as the error page, but that makes it clear to the user which organization/government is responsible for authorizing the access.
But then again... why not simply have that website registered under
.id.eu
(for example) and have the EU use that DNS for registering/signing subdomains using eIDAS certificates? then there would be no risk for it to potentially poison other top-level domains if it's compromised. And imho, it would be great if when a citizen gets their eIDAS certificate it comes with a personal domain that they can freely use.I feel I'm not fully understanding here neither what exactly is being asked nor the purpose for asking it.
Is there some more clear and unbiased information on this? ...the way they wanna call it "secret" is also very confusing to me, that smells of FUD... in which way is it "secret"? are there no public details about the request? "secret legislation" feels almost like an oximoron. I feel that what they want to say is that the controversial sections were introduced very late in the process, following some closed-door meetings, but that's no the same thing as the legislation being "secret"...