Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
turbinemonkey 3 hours ago

    Compare this to what the EU built. The EU Digital Identity Wallet under eIDAS 2.0 is open-source, self-hostable, and uses zero-knowledge proofs. You can prove you're over 18 without revealing your birth date, your name, or anything else. No per-check fees, no proprietary SDKs, no data going to a vendor's cloud. The EU's Digital Services Act puts age verification obligations on Very Large Online Platforms (45M+ monthly users), not on operating systems. FOSS projects that don't act as intermediary services are explicitly outside scope. Micro and small enterprises get additional exemptions.

    The US bills assume every operating system is built by a corporation with the infrastructure and revenue to absorb these costs. The EU started from the opposite assumption and built accordingly.
Just another reminder of how we need to protect what we have in the EU (not a guarantee, but at least a chance of fair dealing and a sustained commitment to civic values). Now that the mask has fully fallen, we have to take every step possible to root out American influence.
sidewndr46 3 hours ago | parent [-]

Isn't eIDAS the same technology stack that would put the government in total control of what websites you can view & what ones you can't?

https://en.wikipedia.org/wiki/Qualified_website_authenticati...

turbinemonkey 2 hours ago | parent [-]

QWACs exist to provide a more stringent and user-accessible way to assert a website's identity, mostly to foil phishing and other exploits that regular certificate systems don't address well. Where does this cross into censorship at all?

sidewndr46 2 hours ago | parent [-]

When the government decides not to issue certificates to websites they don't like.

turbinemonkey 2 hours ago | parent [-]

Oh, stop. Tinfoil-hatting like this is how privacy and internet freedom activism gets a bad rap.

QWAC certs are only for "high value" sites: banks, government services, etc. They can only be issued by "Qualified Trust Service Providers" (e.g. digisign, D-TRUST, etc -- not governments), and cost many hundreds of euros. Your blog and mastodon instance and 98% of businesses just aren't affected.

People operating in "high risk" sectors that need access to payment infra (porn, drugs, etc) are, as always, going to have a hard time. That's a worthy conversation, but nothing about QWAC or eIDAS is about "the government not issuing certs to people they don't like".

sidewndr46 2 hours ago | parent | next [-]

This is how total control of a platform always starts. Google starts with Android and just does digital signing for applications through their store. Until they achieve control of the platform, then suddenly you can't load your own applications without them signing it either.

Secure Boot is just a technology for those that need it, until Microsoft decides it's mandatory for everyone.

gzread an hour ago | parent | prev [-]

It's not really tinfoil hatting, EU countries already deny privileges based on political affiliation and so on. Germany shut down a Muslim cultural center for refusing to censor a speech by someone who came from Gaza, merely because of the fact they came from Gaza. Limiting government power is still something the EU needs - they're not all good.