12 Web community leaders have sent a letter to members of the European Parliament and representatives of the EU Council to express their security concerns about the revised Article 45 of the draft legislative proposal for e- ID.
The European Commission’s legislative proposal to amend the Electronic Identification, Authentication and Trust Services (eIDAS) regulation, which dates back to 2014 and aims to secure cross-border transactions, is facing pushback from the web community – particularly regarding Article 45.
Under the revised Article 45, browsers would be forced to accept a system of Qualified Web Authentication Certificates (QWACs) from Certificate Authorities (CAs), irrespective of whether they met the browser’s security standards.
“Unfortunately, this technical requirement is problematic as security teams’ must respond at the speed of evolving cybersecurity threats and incidents, and not be stifled by a legislative provision that would hamper such a timely response,” the letter, sent on Wednesday (6 April), reads.
The letter was signed by high-level internet players such as Vint Cerf, internet pioneer and former chairman of ICANN, and Andrew Sullivan, president and CEO of the Internet Society.
The text of the Proposal is available at the following link
If you would like to contact us send an email at : [email protected]