They wouldn’t get banned. That’s the problem. The article mandates that these certificates are exempt from the usual repercussions for acting out

I’m not saying they are definitely not stupid enough to try it but they would only be able to do it once.

They will the be caught and they will do it again and again. Normies they don’t give a fuck about privacy or certificates.

This isn’t it. You can use a separate CA for identification and for websites (TLS). If this were the problem, they could use any existing CA for their websites and their own for identifying the user - since that doesn’t involve the browser trusting the ID CA.

See RFC 5280, Section 4.2.1.3, Key Usage: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3

When it comes to regulations, intent doesn’t matter when they enable abuse of power.

I don’t give a fuck if this is not aimed at spying. It trivially allows it, and that’s what matters.

It should be every country in EU and those looking to join to have certificates on their id cards. Am thinking they are just trying to expedite the process. EU could easily create their own regulatory body and get approved by other root certificate holders to establish path of trust, but most likely it complicates things and/or takes too long.

Not to sound too pessimistic but making a browser trust another certificate is not that difficult. If they wanted to MITM attack anyone it would be fairly easy given that people usually install software from any source let alone government without thinking twice. During that installation another certificate can be added to the list of trusted roots and problem solved. It wouldn’t be harder to achieve and it would be much harder to detect.

Whatever their “intent” it fucking dumb and an invasion of privacy with no real justification. Governments don’t need to see what I’m doing on the internet.