zlacker

[return to "Independent review of UK national security law warns of overreach"]
1. richso+L5[view] [source] 2025-12-18 12:10:27
>>donoho+(OP)
Developers of apps that use end-to-end encryption to protect private communications could be considered hostile actors in the UK. <-- HTTPS does this. What about secure sites like baking sites that encrypt end-to-end? Old farts making laws about things they know nothing about.
◧◩
2. Comman+uo[view] [source] 2025-12-18 14:10:26
>>richso+L5
Why worry about E2E encryption, in theory just need a cert issued from a vast array of CAs or intermediates. Which I wouldn't be suprised they possess the ability through some type of secret warrant, heck even private keys.
◧◩◪
3. JoshTr+4T[view] [source] 2025-12-18 16:25:35
>>Comman+uo
> Why worry about E2E encryption, in theory just need a cert issued from a vast array of CAs or intermediates.

Certificate Transparency thankfully means this is a tool a government could only use once if at all, and then they've burned an entire CA.

◧◩◪◨
4. Comman+X81[view] [source] 2025-12-18 17:27:44
>>JoshTr+4T
Isn't certificate transparency opt-in, so any trusted CA could be a potential attack route.
[go to top]