| > They're already starting to make it more difficult. Look at what's happening with DoH where it's harder and harder to choose how your DNS queries get done and you get steered to CloudFlare (who are pretty low on my list of entities I want to trust) instead. Now that browsers have mostly succeeded in forcing HTTPS everywhere, expect them to start turning the screws. DoH doesn't interfere with your ability to choose your own DNS provider. It only means that your DNS queries are between you and your DNS provider, free from the interference of your ISP and other third parties. It provides greater user freedom because your ISP cannot as easily force you to use their DNS provider. Nothing stops ISPs from offering DoH and some (e.g. Comcast) do offer it. Users may however benefit from using a DNS that's not affiliated with their ISP because ISPs are more vulnerable to censorship demands from governments. Usually, when a government demands that an ISP censor a website, the ISP will simply block DNS queries regarding that domain, allowing users of other DNS providers to escape the censorship. This may of course not be a long-term solution, as governments may be more likely to demand different censorship methods if fewer use the IPS DNS. As far as I'm aware, no one has suggested that DoH should be mandatory. It is a sensible default that improves the privacy and security of most users, but a user who decides that they do not want to use DoH can simply opt out in the settings. Likewise, HTTPS is not mandatory either, and browsers will not prevent users from accessing unsecure sites. They will however warn users to make sure they are aware of the risks. As far as I'm aware, browser vendors do not benefit from users using HTTPS everywhere. They encourage its use because it is generally beneficial to users. > Really? Can I make a FoI request to find out why a CA refused to issue a certificate to a particular entity? Is there a right of appeal if they refuse to issue a certificate on discriminatory grounds? A FoI request is just asking the government to give you information. They will never intentionally give you anything they do not want you to have. FoI laws tend to contain enough exceptions to cover any situation, but even if you should legally receive the information, there is nothing you can realistically do to make them provide it to you. Similarly, you can ask any organization for any information, and they can refuse. The same is true with appeals. You can ask an organization to reconsider its decision and for someone else in the organization to look at it, but the decision remains within the organization. The difference is what you can do once the decision has been finally made. Will the decision maker try to force me to adhere to their decision through violent means, or am I free to ignore them and try to convince others to do the same? The main difference regarding transparency is that more information is made public by default in the current system (what good is the ability to request information if you don't even know that the thing you wanted to request information about happened?) and that decisions are made by several separate entities that need to justify their decisions to each other in order to maintain consensus. |
> As far as I'm aware, browser vendors do not benefit from users using HTTPS everywhere. They encourage its use because it is generally beneficial to users.
Google (which is to say DoubleClick), which funds the majority of browsers, has a huge financial interest in HTTPS. They make their money on ad tracking, and it suits them to put a moat around that; privacy initiatives help them by making it harder for any new competitors to get hold of the same information they built their business on.