[Jensson]

It is only undetectable if the site actually uses the vulnerable certificates. Otherwise you can see that the government is spying on you since the browser tells you what certificate it got (Telling you what certificate was used is a part of eIDAS). There is no way the government will replace certificates like that on an automated basis, it is too easy for people to notice and make a big deal about.

[supriyo-biswas]

If a nonprofit like Let’s Encrypt can perform automated certificate renewal with a few API calls, so can the government.

Also, MITMs are a thing and getting the EIDAS certs in the root store will show that the certs in question are trusted, which is all that really matters because there is no way for users to know what certificates were actually installed by the website owner.

[Jensson]

That has nothing to do with this, I don't think you understand this vulnerability. You can see which certificate authority issued the cert, so you can see if the suddenly the site started using a vulnerable cert provider and thus know that it is compromised. Note that the same attack is possible right now, the only difference is how your browser displays it, you can just install a plugin to get back the original behavior if you want. So this in no way prevents you from secure browsing.

TLDR: If you are worried about security you can always install a plugin to get back the old behavior. This just says that browsers should be able to trust them, not that you have to configure your browser to trust them.

[supriyo-biswas]

CA changes can happen due to many legitimate regions. Pinning certificates in this way doesn’t scale, as we saw with the deprecation of HPKP.

[Jensson]

All you need is a list of trusted CA's, like we do right now, and then issue a warning if it isn't on that list. It is a very simple plugin to make.

[g-b-r]

These certificate authories will also issue legitimate certificates btw, the regulation explicitly encourages local states to use them for their services

[g-b-r]

First, few people would know that they should install a plugin, second, since the laws says that browsers "shall ensure", there's a good chance that they would be forced to try to block these plugins

[g-b-r]

There's probably at most one person every ten millions who uses add-ons displaying each connection's certificate authority; and even them will likely not notice anything if it's only done to them occasionally (not to mention that absolutely no one checks the connections used to download third-party stuff, to my knowledge).

[Jensson]

Yes, because CA level attacks are basically nonexistent and not a very big deal since they require you to control the targets internet connection.

The moment people learn that the US government could control a CA and your internet provider to spy on you maybe that will change. But as is people think it is too much work for governments to bother with it.

[g-b-r]

> Yes, because CA level attacks are basically nonexistent and not a very big deal.

I'd call that bs, CA level attacks are very unlikely to be detected, so we know little about their prevalence.

(you edited your comment to add... that it requires you to control the targets internet connection?? And "the moment people learn that thenUS government could control (a CA) and your internet provider to spy on you maybe that will change With tls becoming ubiquitous they're now indispensable

[g-b-r]

ops I guess I destroyed my comment by mistake, and I can't edit it anymore...

It originally was

* I'd call that bs, CA level attacks are very unlikely to be detected, so we know little about their prevalence.

With tls becoming ubiquitous they're now indispensable*