If the plan is approved, Firefox will not trust certificates issued by the Staat der Nederlanden (State of the Netherlands) Certificate Authority (CA).
This CA is operated by PKIOverheid/Logius, a division of the Ministry of Interior and Kingdom Relations, which is the same ministry that oversees the AIVD intelligence service.
New law givers Dutch govt power to intercept Internet traffic
What’s got Mozilla engineers scared is the new “Wet op de inlichtingen- en veiligheidsdiensten (Wiv)” — translated to Information and Security Services Act — a new law voted this year that will come into effect at the start of 2018.
This new law gives Dutch authorities the powers to intercept and analyze Internet traffic. While other countries have similar laws, what makes this one special is that authorities will have authorization to carry out covert technical attacks to access encrypted traffic.
Such covert technical capabilities include the use of “false keys,” as mentioned in Article 45 1.b, a broad term that includes TLS certificates.