[isilofi]

Website-based end-to-end encryption isn't usually. In most cases, the "e2e-encrypting" website will deliver the Javascript that does the "e2e-encryption", which can easily be manipulated to provide a copy of all messages to some convenient third location.

A warrant will maybe warn the site and the user that something is going on.

A man-in-the-middle attack without a warrant delivered to either party is more likely to go undetected.

[Jensson]

> which can easily be manipulated to provide a copy of all messages to some convenient third location.

Updating others javascript as a proxy isn't "easily".

Also if the government goes all this way to tell each internet provider to spy on people, why do you think they couldn't tell certificate authorities to spy on people? It is the same level. I wouldn't be surprised if many CA's in USA already does this.

[isilofi]

It is "easily", because current commercially available "firewall" appliances include that kind of capabilities. Just a few clicks, install a CA certificate, add a logging endpoint, done. Certain regulated industries like finance and medicine are required to use those. All chats are instantly intercepted and logged.

And the way to spy on people via a certificate authority is exactly as described, you get a CA that signs your man-in-the-middle certificate for a website you do not own. Then you MitM that traffic using that certificate, while still getting a green "lock" icon.

With current WebCA certificates, certificate transparency does help a little to detect such MitM certificates, and some CAs have actually been caught red-handed. There are processes to punish or remove such CAs. However, this law would also prevent such actions, thus making it impossible to prevent any future malfeasant CAs.

About an example MitM certificate case and removal, see the DigiNotar case: https://blog.mozilla.org/security/2011/08/29/fraudulent-goog...

For more about how certificate transparency works see http://nil.lcs.mit.edu/6.824/2020/papers/ct-faq.txt

[Jensson]

Maybe browsers shouldn't hardcode those things? If they let you blacklist CAs you could do that yourself or via a plugin. There is nothing preventing browsers from implementing that, and have a one click button "don't trust compromised CAs". Could even had that during install as a toggle, would satisfy every legal requirement.

If this means users gets more power over what CAs to trust then that is a good thing.

[isilofi]

You can manually distrust hardcoded CAs in all common browsers. But even now, this is rarely used because it is tedious, there are roughly a hundred active CAs.

And depending on how that law will be interpreted by courts, manually distrusting might be considered illegal.

[Jensson]

> manually distrusting might be considered illegal

It is just a display change, all the law says is:

"For those purposes web-browsers shall ensure that the identity data provided using any of the methods is displayed in a user friendly manner."

I don't see how adding a warning icon or block icon instead of the lock hurts would be banned. To me it seems like so much here is based on baseless assumptions.

[isilofi]

No, manually distrusting will probably be considered illegal. "Browsers shall ensure", no exceptions: https://news.ycombinator.com/item?id=38109691

I would also urge you to refrain from using terminology such as "baseless assumptions" when your own assumptions are so easily refuted by directly reading the text of the proposal.

[g-b-r]

to me at this point it seems like you're trying to defend this law a-priori...

[nulld3v]

> If this means users gets more power over what CAs to trust then that is a good thing.

Do you really think your average user is going to go into the browser and manually distrust root CAs? We have learned again and again that good security is "secure by default", not "secure after arcane configuration".