520
submitted 1 year ago by L4s@lemmy.world to c/technology@lemmy.world

EU Article 45 requires that browsers trust certificate authorities appointed by governments::The EU is poised to pass a sweeping new regulation, eIDAS 2.0. Buried deep in the text is Article 45, which returns us to the dark ages of 2011, when certificate authorities (CAs) could collaborate with governments to spy on encrypted traffic—and get away with it. Article 45 forbids browsers from...

top 50 comments
sorted by: hot top controversial new old
[-] pastermil@sh.itjust.works 143 points 1 year ago

What the fuck is EU doing? Why are they trying so hard to participate in the enshitification effort?

[-] MeanEYE@lemmy.world 41 points 1 year ago

Personal ID cards have certificates on them issued by the government. These certificates can be used for anything from digitally signing documents to logging in to government web sites without having yet another user/pass. So far situations was a nightmare.

Government provided tools and plugins for browsers to support logging in and signing, but it's been a shitshow when it comes to support. Pretty much only Windows and only certain versions of it and even then it worked half of the time. You had to install certificate manually and trust, etc. Am assuming this is to make sure these services work but also so they can issue certificates for their own web sites.

[-] pastermil@sh.itjust.works 23 points 1 year ago

Personal digital certificate sounds like an awesome concept. Too bad the implementation seems so narrow-minded. Typical beaureaucrats.

[-] Coasting0942@reddthat.com 15 points 1 year ago

They want to make all the decisions but are also mad that the IT guy presentation is taking to long and isn’t using simpler language

[-] MeanEYE@lemmy.world 7 points 1 year ago

My country has half-assed implementation but in general it has been great. For any signing I can just shove my personal id, enter pin and document is cryptographically signed. No alteration possible. And since government is the issuer of the certificate, no one can fake it. We have our e-government thing also, where you can do a lot of things, from checking your kids grades in school to theoretically handling all of the documentation you might need. Personal id is used to login into that service. Shove a card, enter pin and you are there. No sign up, remember password, etc. I have even set up, at one point, login into my computer using my personal id, out of curiosity as it held no other benefit. Had to add that root certificate to my machine though.

Sadly it all sounds great on paper, but execution is lacking. Some things still require pen and paper and it's annoying, but we'll get there. That's why my assumption is governments wanting to push for easier integration. Then all you'd need was card reader and a browser. Which also the reason why I don't think they are trying to push this idea for nefarious purposes. People download and install government software without thinking or double-checking all the time. Adding certificate through any installation wouldn't be much of a challenge.

[-] nexusband@lemmy.world 8 points 1 year ago

"No one can fake it" Oh boy. This is going to be an utterly horrible future.

load more comments (6 replies)
load more comments (1 replies)
[-] Send_me_nude_girls@feddit.de 117 points 1 year ago

Great and in 2 -3 years we find out, that someone has actively abused this security hole for years and stole whatever master key is required, to create their own fake government CA and has been spying on everyone for years. Or political opposition was imprisoned before they could act. Best is, such man in the middle attacks allow for all sorts of things, including putting fake evidence on your computer.

Oh yes, no one would ever do that every, totally never happened and won't. Nazis will also never come back. What, they soon are the biggest party in Germany, in other countries too? And will dictate rules in the EU? No one could see that happening...

Where there's honey, there will be bears.

I just hope we can create a browser plugin to deny gov CAs automatically or a browser from outside EU to block that shit. ...until your ISP is forced by law to block traffic from these.

One step closer to a great EU firewall and it sucks. Good old salami tactics. Because at some point it doesn't even matter if there are ways to mitigate this spying, if the alternative are so complicated and uncomfortable to use, that 99,999% of the people won't bother.

[-] clutch@lemmy.ml 23 points 1 year ago

Commercial CAs are not that better either

[-] Send_me_nude_girls@feddit.de 18 points 1 year ago* (last edited 1 year ago)

Companies always have a name and money to lose and are a hurdle for overreaching hands. The government has no reputation nor money to lose and a simple agreement opens all doors if it's already government owned. A big difference to me personally.

The government should only ever own things that would fail or be worse, if in public hands. Like infrastructure for instance.

[-] themurphy@lemmy.world 20 points 1 year ago* (last edited 1 year ago)

Absolutely don't agree that companies are more trustworthy than governments.

My guess is that you have an awful government in your home country, but not here. And yes that could change, but they are at least voteable.

Companies are NEVER your friend.

load more comments (3 replies)
load more comments (1 replies)
load more comments (10 replies)
[-] jlh@lemmy.jlh.name 89 points 1 year ago

This is really bad. This is the EU taking a page out of the books of Russia, Iran, and the PRC by implementing website blocking and government-issued CAs. Europeans could be at real risk in the event of a democratic backslide.

[-] sorghum@sh.itjust.works 20 points 1 year ago

That's usually my way to evaluate if a government should have a power. I ask myself if the other side were in charge and had this power, would it be really bad? If the answer is yes, more than likely the government shouldn't have that power.

[-] vacuumflower@lemmy.sdf.org 4 points 1 year ago

Congrats, you are smarter than most people talking about regulations.

load more comments (1 replies)
[-] DieguiTux8623@feddit.it 63 points 1 year ago

You know, they are not being autocratic, it's for people's own good, to protect children and other "random bullshit go!" things.

Unless we act, we're doomed. This is the new "nobles and clergymen", only it's "riches and beurocrats".

[-] properlypurple@lemmy.blahaj.zone 22 points 1 year ago

Capitalism is just feudalism in new clothes. 😓

load more comments (8 replies)
[-] ShunkW@lemmy.world 46 points 1 year ago

What a fucking nightmare. And I thought the US was bad about trying to encroach more on privacy.

load more comments (12 replies)
[-] PinkPanther@sh.itjust.works 32 points 1 year ago

Where and how do we complain? This is really bad...

[-] Adanisi@lemmy.zip 11 points 1 year ago
[-] ExLisper@linux.community 10 points 1 year ago

Jesus, this is not about spaying. This is because browsers have history of sucking at trusting new certificate authorities.

In Spain you get private certificate on your ID. You can use this ID to sing documents and access government pages. Those certificates are signed and provided by the government institution responsible for printing money (Royal Mint). It took them like 10 years to get the root cert added to the main browsers so that people could authenticate using those certs on government pages. It still doesn't work very well and I have to manually trust certs on Linux. I think I don't have to explain why being able to identify yourself on govt pages would be great.

What's the security risk here? People really think that the Spanish spy agency would request certs signed by the Royal Mint for 3rd party domain and use those for MITM attack? When they are caught this would raise huuuuge stink, Spanish govt certs would get banned and Royal Mint would lose all credibility. I'm not saying they are definitely not stupid enough to try it but they would only be able to do it once.

[-] I_like_cats@lemmy.one 21 points 1 year ago

They wouldn't get banned. That's the problem. The article mandates that these certificates are exempt from the usual repercussions for acting out

load more comments (2 replies)
[-] silencioso@lemmy.world 11 points 1 year ago* (last edited 1 year ago)

I'm not saying they are definitely not stupid enough to try it but they would only be able to do it once.

They will the be caught and they will do it again and again. Normies they don't give a fuck about privacy or certificates.

[-] crispy_kilt@feddit.de 5 points 1 year ago

This isn't it. You can use a separate CA for identification and for websites (TLS). If this were the problem, they could use any existing CA for their websites and their own for identifying the user - since that doesn't involve the browser trusting the ID CA.

See RFC 5280, Section 4.2.1.3, Key Usage: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3

load more comments (1 replies)
load more comments (5 replies)
[-] sonymegadrive@feddit.uk 9 points 1 year ago* (last edited 1 year ago)

That means cryptographic keys under one government’s control could be used to intercept HTTPS communication

Could someone smarter than me explain how this would be possible? Wouldn’t the browser still be able to enforce privacy between the client and origin? Or is it the case that certificates issued by these CAs could in theory only support weaker cyphers?

Edit: Some really useful explanations. Thank you!

[-] wdx@feddit.de 41 points 1 year ago

There can be an infinite amount of certificates for a single domain.

When you setup a connection to a website you basically get a response back that has been signed with a certificate.

Your Browser / OS has a list of certification authorities that it deems trustworthy.

So when you get the response the browser checks if the certificate was issued by a trusted CA.

Now, if the EU forces browsers to trust their CA they can facilitate a man-in-the-middle attack.

In this instance they will intercept the TLS Handshake and give you back a response that was signed by their certificate. Your Browser deems the certificate valid and sets up a secure tunnel to the EUs Server.

From then on they can forward packets between you and the real website while being able to read everything in cleartext

[-] Pfosten@feddit.de 17 points 1 year ago

Cryptography works. At least until sufficiently powerful quantum computers arrive, TLS reliably ensures confidentiality between your browser and the server. No one else can snoop on the data transmitted via that connection.

But are you connected to the right server? Without some kind of authentication, any adversary in the middle (such as your ISP) could impersonate the real server.

That is where certificates come in. They are issued by neutral certificate authorities (CAs) that check the identity. It works something like this:

  • I, the server operator, create a private key on that server. I use that key to create a certificate request which asks the CA to give me a certificate. This request also contains the domain names for which the key shall be used.
  • The CA performs identity checks.
  • The CA issues me the certificate. I install it on my server. Now, when browsers create a TLS connection I can tell them: here's my public key you can use to check my identity, and here's a certificate that shows that this is a valid key for this domain name!
  • The browser will validate the certificate and see if the domain name matches one of the names in the certificate.

What kind of checks are done depends on the CA. I've obtained certificates by appearing in person at a counter, showing my government ID, and filling out a form. Nowadays more common is the ACME protocol which enables automated certificate issuance. With ACME, the CA connects to the server from multiple network locations (making interception unlikely) and checks if the server provides a certain authentication token.

To know which certificates are valid, browsers must know which CAs are trusted. Browser makers and CAs have come together to create an evolving standard of minimum requirements that CAs must fulfill to be eligible for inclusion in the browser's default trust store. If a CA violates this (for example by creating certificates that can be used for government traffic interception, or by creating a certificate without announcing it in a public transparency list), then future browser versions will remove them, making all their certificates worthless.

eIDAS 2 has the effect of circumventing all of this. There is to be a government-controlled CA (already high-risk) that has its own verification rules set by legislation (does not meet industry standard rules). And browsers would be legally forced to include the eIDAS CAs as "trusted".

This puts browsers in a tough spot because they've resisted these kinds of requests from authoritarian regimes in the past. But now the world's largest trade bloc is asking. Browsers can comply or leave the EU market, or maybe provide a less secure EU edition? Awakens uncomfortable memories around the failed US attempts at cryptography export control (cryptography is considered a munition, like hand grenades or ballistic missiles).

It is plausible that the EU is doing this with good intentions: having a digital identity scheme is useful, it makes sense for identity to be government-controlled (like passports), and such a scheme will only see success if it sees industry adoption. The EU has also seen that hoping for voluntary industry adoption doesn't generally work, e.g. see the USB-C mandate.

[-] topperharlie@lemmy.world 3 points 1 year ago

you seem to know what you are talking about and I looked into this very long ago, maybe you can help me understand.

From what I can understand reading most of the article this forces browsers to accept the certificates, but it doesn't force the websites to use them, right?

So what is stopping Firefox from showing a warning (like the lock icon being orange, but it could also be a more intrusive message) stating that the certificate was issued by a country and/or doesn't fullfil modern security standards in case one of these CAs is used?

On top of that, the CA doesn't really encrypt the private key of the domain, it just adds a signature stating that the message with the salt and the public key are legit, right? everyone seems to think the government itself will be able to passively see the traffic, but if I remember correctly they would have to gateway the whole transaction (I'm guessing the browser will also have a cache of keys and this could become a bit tricky to do in a global way)

But of course we all know how technologically illiterate governments are (there could be one good, but there will be some "less good" for sure). So yeah, it does sound like a horrible idea to begin with. Because if a CA starts being insecure nowadays browsers can just remove them and go with their life, but if there is a law forcing browsers wouldn't be able to.

I'm just curious about the specifics in case I'm outdated on what I remember.

[-] Spotlight7573@lemmy.world 9 points 1 year ago

Regarding what a browser like Firefox can do, they aren't allowed to impose any stricter checks or requirements than what the EU's standards body permits and they must trust them, according to these rules. That means that the warning you suggested likely wouldn't be allowed.

As for it not happening passively, your right that it would need to be actively man in the middled. It would be fairly easy to detect but what could be done about it? The browser is required to trust it, additional checks can't be enforced, and the CA involved wouldn't be allowed to be distrusted without the relevant government's permission. It then becomes a game of who blinks first, the browser vendors potentially pulling out of a country or the EU entirely or a government that for some reason thinks it's in the right by intercepting traffic for the children, against terrorism, or whatever excuse they come up with.

load more comments (5 replies)
[-] CrabLangEnjoyer@lemmy.world 10 points 1 year ago

The government CA could just issue a new certificate for let's say Google, force your ISP to return a wrong IP when you ask your ISPs dns server what the address of Google is and then return a fake Google page instead or forward traffic to Google on your behalf and read all data. And since your browser trusts the new fake Google certificate from the government you won't get any https error or warning.

[-] peeteer@feddit.de 8 points 1 year ago

A government could create a new certificate for any domain without having ownership of the domain or permission of the owner. This way they can perform Man-in-the-middle attacks.

In such an attack someone intercepts the traffic of a client and presents their own certificate.

Because a government can create a universally accepted certificate, thise would be accepted as valid. The traffic can then be decrypted and forwarded to the real website. The attacker is now between the client and the real host (the Man in the middle) and can view the unencrypted traffic.

[-] krigo666@lemmy.world 7 points 1 year ago

The CA (Certification Authority) is what validates the encryption certificates that TLS uses in HTTPS. In this case it can certify a cypher that can be used in a site's certificates and be known to a government agency (the 3rd party) and used to decrypt the HTTPS stream. This basically an Man-In-The-Middle attack.

[-] vagabond@lemmy.dbzer0.com 5 points 1 year ago* (last edited 1 year ago)

When a website uses HTTPS they have a certificate that proves who they are. Your device uses that certificate to encrypt your data so that only that service can decrypt it. The issue is that it's just a file and anyone can make one. So to determine whether I trust your certificate I need it to be cryptographically signed by someone I already trust. These are the certificate authorities.

If I was a certificate authority that your device trusts then I could create a certificate for any domain and your device would believe me. Meaning I could sit between you and any web service and have you encrypt things with my certificate in a way that lets me decrypt everything before forwarding it to the service and you would never know.

[-] WuTang@lemmy.ninja 8 points 1 year ago

knowing that EU commission is full of IT "campers" waiting to reimburse their mortgage and they will probably outsource the work to india (despite being forbidden), i am not really fond of the idea.

[-] uis@lemmy.world 4 points 1 year ago

Can we at least admit that requiring CAs is not how ecryption in Internet should work? Just FYI there is already distributed public key infrastructure: DNS(DNSSEC).

load more comments (4 replies)
load more comments
view more: next ›
this post was submitted on 10 Nov 2023
520 points (99.1% liked)

Technology

60033 readers
2759 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS