Google Confronts Chinese Agency Over Issue of Digital Certificates

Google Confronts Chinese Agency Over Issue of Digital Certificates
MaoNo / Pixabay

Google recently decided to reject digital certificates authorized by the Chinese Internet Network Information Center (CNNIC). In this regard, in a statement on Thursday, the Chinese organization criticized Google’s decision calling it “unacceptable and unintelligible.”

Google justifies the ban

In explaining its decision, the U.S.-based search provider said that the company still remains troubled by CNNIC’s choice to grant a certificate to an Egyptian IT company. The Chinese internet agency issued a digital intermediate CA certificate to MCS Holdings, based in Egypt, for internal testing. Intermediate certificates enable their acquirers to issue certificates for any internet domain names, so therefore, there arises a strict need to regulate their use.

Odey’s Brook Fund Posted A Commanding Q3 Return On Long And Short Sides [EXCLUSIVE]

Eurekahedge Hedge Fund Index invest Value InvestingOdey's Brook Absolute Return Fund was up 10.25% for the third quarter, smashing the MSCI World's total return of 2.47% in sterling. In his third-quarter letter to investors, which was reviewed by ValueWalk, James Hanbury said the quarter's macro environment was not ideal for Brook Asset Management. Despite that, they saw positive contributions and alpha Read More

However, the Egyptian firm abused their privileges during a failed security test, and tried to cover it up, citing human error. As a result, Google along with CNNIC undertook an inquiry into the matter.

Even though CNNIC’s efforts were appreciated, Google still abandoned the Chinese agency as a recognized root certificate authority. However, the U.S. company suggested that the ban was temporary, and encouraged its Chinese partner to reapply after the appropriate technical and procedural measures are completed.

“We applaud CNNIC on their proactive steps, and welcome them to reapply once suitable technical and procedural controls are in place,” Google added.

Tough road ahead for CNNIC

CNNIC regulates China’s Internet Infrastructure and operates the .cn domain name system. Along with this, the agency is connected with the Chinese government, which has been alleged of initiating cyber-attacks against the US companies and activist groups.

In case of an impasse, Google’s decision to blacklist CNNIC-issued certificates could hinder the Chinese agency’s control of the internet in their region.

Banning certificates would mean that Google’s Chrome browser, after a future update, could clash with the sites provided by the Chinese internet authority. The current dispute will not impact customers already provided with certificates, but securing future users could be a daunting task for CNNIC. Furthermore, Mozilla canceled the certificate granted by CNNIC to MSC Holdings last month.

Updated on

No posts to display