this post was submitted on 10 Nov 2023
510 points (98.9% liked)
Technology
59555 readers
3450 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
This isn't it. You can use a separate CA for identification and for websites (TLS). If this were the problem, they could use any existing CA for their websites and their own for identifying the user - since that doesn't involve the browser trusting the ID CA.
See RFC 5280, Section 4.2.1.3, Key Usage: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3
I guess you're right. Maybe it is about spying after all.