We are alarmed by reports that Germany is on the verge of a catastrophic about-face, reversing its longstanding and principled opposition to the EU’s Chat Control proposal which, if passed, could spell the end of the right to privacy in Europe. signal.org/blog/pdfs/ge...
The EU Parliament has published a new proposal for Chat Control to mass-surveil all digital communication in Europe. The proposal is ineffective, weakens secure communication, and violates basic human privacy. This must be stopped immediately. #ChatControl
csa-scientist-open-letter.org/Sep2025
Yesterday, @cathie.bsky.social gave a great talk at @ietf.org 123 on the importance of standardizing Sigma protocols and our ongoing work toward a standard for zero-knowledge proofs! You can watch the talk here:
New paper(!) on the "clubcard" data structure that we're using for WebPKI revocation checks in Firefox.
A clubcard is a membership test for an r element subset of an n element set. Size is ~1.13 log(n choose r) bits. Or (better!) ~1.13 Σ log(n_i choose r_i) where i indexes blocks of a partition.
Ooooh this is an excellent application of Privacy Pass, the anonymous credential scheme we originally designed to ameliorate the pain of Cloudflare CAPTCHAs on Tor.
Authenticate with a paid account to obtain tokens, then anonymously redeem them to make unlinkable searches.
np, it's a horribly convoluted bill.
255. (8) A person to whom a relevant notice is given, or any person employed or engaged for the purposes of that person's business, must not disclose the existence or contents of the notice to any other person without the permission of the Secretary of State.
www.legislation.gov.uk/ukpga/2016/2...
NIST released a draft of a non-binding document (IR 8547 ipd) saying they plan to disallow non-PQC in 2035.
2035 is ten years from now, there's no need to rush anything right now.
csrc.nist.gov/Projects/pqc... is still running and large ecosystems are still figuring out what/how to deploy.
