by PeterStuer 961 days ago
Honest question, so please bear with me.

How would an EU government that uses the Internet for servicing its citizens tell those citizens that the site they are accessing to provide very sensitive information is really the government's and not some other actor's mitm'ed snooping conduit without having control of their own root CA?

Is demanding browsers distributed to EU citizens to carry this certificate different from demanding phone companies to route emergency service numbers correctly?

Ofc I can see the 'dark' potential for a mandated cert. Is this really different from current browsers ubiquitously storing trusted root certificates from CAs issued by private companies residing in states with very serious compelled secret government access laws and regulations?

2 comments

Certificate Transparency Lists - and from what I understand, the EU does not want its CAs to publish such a list, and here lies the problem.
The first priority is ensuring citizens can answer, "how can I make sure my government isn't spying on me", to their satisfaction, and then they might start caring about the government's use-case/pretext.