this post was submitted on 27 Jun 2024
255 points (98.9% liked)
Technology
59298 readers
6178 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
ISPs are not the government - yes, so they have to actually follow laws. And CAs caught doing what exactly, complying with the regulations of their country?
Exactly, and with ISPs not being the government, they can not force CAs to do anything. And yes, if a CA complys with an insane law that allows anyone to skirt around security and privacy (their ENTIRE purpose), they will lose the faith of the public, and people will drop them. Whether it was legal or not doesn't matter much for public sentiment.
What? That's absurd. There is no ISP that can simply not comply with the law, it doesn't matter about any faith or public because all other options have to comply with the same law so people do not have any options. This is just true in every country.
Thats hilarious 😂 I can name over half a dozen of them that do it on a regular basis.
Name one ISP that straight up breaks the law?
In canada, Shaw is one that glaringly and repeatedly violates Canadian Personal Privacy laws, in fact, nearly every ISP does so with only a few exceptions. Nothing usually happens to them, and if it does its just a small slap on the wrist. Its cost of doing business to them.
In canada at the very least, an order like that from the government to a CA wouldn't even be lawful. Just have to hope the CA has decent lawyers..
That sounds like some bs personal protection law meant to appease the proles. We're talking actual criminal law, federal crime stuff, stuff governments care about like IP violations, tax evasion or theft/murder at scale.
If an ISP or a CA protected guilty criminals in this manner such as by not issuing a cert to the FBI when they want one, it would be considered an accomplice and get stormed by the police.
I think you may have gotten confused at some point in this comment chain.. That is not what we were talking about at all.
The OP was about an ISP (not a Government) trying to get a CA to give them a copy of a cert so they could setup a fake version of a website to deploy malware. In no point of this comment chain are we talking about any government agencies forcing a CA to give them a cert.
If an ISP, with no legal backing (because they are not the government) get a CA to give them a cert, and the CA does it, that CA if discovered would very much lose any reputation it had and people will no longer trust it, thus ruining the company.
My reply was pointing out how any law that allowed an ISP to gain a cert from a CA would clearly be insane, and if a CA rolled over instead of fighting it, nobody would trust them with their certs anymore.
No bro I think you're confused, the topic for the comment chain was set here: https://lemmy.dbzer0.com/comment/11568788
Re-read this and hopefully you'll understand. Peace sir. 🙏