On Tue, 30 Apr 2024 at 03:20, Dennis Jackson <ietf=40dennis-jackson...@dmarc.ietf.org> wrote: > > When this work was presented at IETF 118 in November, several participants > (including myself, Stephen Farrell and Nicola Tuveri) came to the mic to > highlight that this draft's mechanism comes with a serious potential for > abuse by governments (meeting minutes). > > Although the authors acknowledged the issue in the meeting, no changes have > been made since to either address the problem or document it as an accepted > risk. I think its critical one of the two happens before this document is > considered for adoption. > > Below is a brief recap of the unaddressed issue raised at 118 and some > thoughts on next steps: > > Some governments (including, but not limited to Russia, Kazakhstan, > Mauritius) have previously established national root CAs in order to enable > mass surveillance and censorship of their residents' web traffic. This > requires trying to force residents to install these root CAs or adopt locally > developed browsers which have them prepackaged. This is widely regarded as a > bad thing (RFC 7258).
In the case of Mauritius, It was a proposal. There was public debate and the overwhelming majority of Mauritians rejected the proposal from the ICTA in 2021. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
