Experts Urge EU Not to Force Insecure Certificates in Web Browsers

by
janrinok
from SoylentNews on (#5WTQG)

upstart writes:

Experts urge EU not to force insecure certificates in web browsers:

A group of 38 cybersecurity professors and IT experts worldwide, together with the Electronic Frontier Foundation (EFF), have cosigned a letter to EU regulators that warns of a proposal that could expose internet users to cybercrime.

More specifically, the experts' highlight problems in the proposed amendment to Article 45 concerning establishing a framework for a European Digital Identity.

The particular provision requires web browsers like Chrome, Safari, and Firefox to accept QWACs (Qualified Website Authentication Certificates), which practically compels browser developers and security advocates to ease their security stance.

[...] As part of the amendment to Article 45, EU lawmakers want to force browsers to accept QWACs certificates to improve authentication on the Web and create a more streamlined system of GDPR compliance, owner information, and data transaction guarantees.

QWACs combine TLS and electronic ID into a single certificate, binding identity with TLS deployment, theoretically creating a transparent and technologically neutral system.

[...] The letter sent to members of the European Parliament warns of technical implementation flaws in the QWACs, which are the very reason standing in the way of its mass adoption since 2014 when the new website authentication system was first introduced.

Original Submission

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments