Like Google, Mozilla set to punish Chinese agency for certificate debacle

2 Apr 2015 | Author: | No comments yet »

China Protests Google’s Website Security Certificate Decision.

Beijing: A Chinese internet regulator on Thursday slammed as “unacceptable” a decision by Google Inc to no longer recognise its certificates of trust, a move which could deter Chrome browser users accessing sites approved by the authority. China Internet Network Information Center said on its website Thursday that Google’s decision was “difficult to understand and accept,” and urged the U.S. company to fully “consider the rights of users.” CNNIC also said it would ensure its existing users aren’t affected.

CNNIC, which plays a central role in administering China’s internet by allocating and certifying IP addresses and web domain names, urged Google to consider user rights and interests. Last week CNNIC’s certificates, which are used to ensure that the connection between an internet user and a website is secure, came under scrutiny after an official Google blog post said the Chinese agency had allowed Cairo-based MCS Holdings to issue unauthorised certificates for various Google domains. The certificates are particularly relied upon by shopping and banking sites, so that users know that they are accessing and giving their details to the right people. Microsoft Corp and Mozilla, which together with Google develop three of the world’s most-used web browsers, also removed trust of those unauthorised certificates last week, following Google’s post. “While neither we nor CNNIC believe any further unauthorised digital certificates have been issued, nor do we believe the misissued certificates were used outside the limited scope of MCS Holdings’ test network, CNNIC will be working to prevent any future incidents,” Google said on Wednesday. The US search giant added that CNNIC was welcome to reapply for recognition “once suitable technical and procedural controls are in place,” and CNNIC’s existing certificates would be trusted for a limited time through a whitelist.

Those certificates were then used to intercept internet communications, meaning that visitors to supposedly secure websites could actually have their data stolen.

Here you can write a commentary on the recording "Like Google, Mozilla set to punish Chinese agency for certificate debacle".

* Required fields
All the reviews are moderated.
Our partners
Follow us
Contact us
Our contacts

ICQ: 423360519

About this site