No. At the end of the day, I control which certificates I consider valid. Browsers just choose the defaults. There is no way I quietly let some government usurp that power, considering how easy to abuse it is.
Yes I mean tls certs as those control what dns records are considered valid.
No they don’t. That is not what TLS really does. But I guess close enough.
Even more reason to have relatively neutral organizations transparently curate the list of trusted CAs. While I am sure governments also closely monitor the process and would step in if they deemed it a threat.
Google is a threat. They should know they can be subverted if they continue in their ways with the questionably ethical human experimentation (for instance, undisclosed A/B testing including full context)
So we come full circle. The government having the ability to impersonate a site is exactly what I believe must not happen.
If the EU wants to create search.eu or any other search site, more power to them. I certainly wouldn’t use it, but hey, if you want to trust them, you can.
If they want to block google search… Eeeeh… I guess that is fine?
But they shouldn’t be able to create a fake certificate for google.com or any site for that matter, not only allowing them to impersonate the site, but also intercept encrypted traffic between users and that site.
So no. Governments should not control the TLS infrastructure.
No. At the end of the day, I control which certificates I consider valid. Browsers just choose the defaults. There is no way I quietly let some government usurp that power, considering how easy to abuse it is.
No they don’t. That is not what TLS really does. But I guess close enough.
Ok but my grandma can’t
Even more reason to have relatively neutral organizations transparently curate the list of trusted CAs. While I am sure governments also closely monitor the process and would step in if they deemed it a threat.
Google is a threat. They should know they can be subverted if they continue in their ways with the questionably ethical human experimentation (for instance, undisclosed A/B testing including full context)
What does that have to do with TLS?
One of the reasons to create a domestic redirect of google.com
So we come full circle. The government having the ability to impersonate a site is exactly what I believe must not happen.
If the EU wants to create search.eu or any other search site, more power to them. I certainly wouldn’t use it, but hey, if you want to trust them, you can.
If they want to block google search… Eeeeh… I guess that is fine?
But they shouldn’t be able to create a fake certificate for google.com or any site for that matter, not only allowing them to impersonate the site, but also intercept encrypted traffic between users and that site.
So no. Governments should not control the TLS infrastructure.