Google Confronts Chinese Agency Over Issue of Digital Certificates

Google recently decided to reject digital certificates authorized by the Chinese Internet Network Information Center (CNNIC). In this regard, in a statement on Thursday, the Chinese organization criticized Google’s decision calling it “unacceptable and unintelligible.”

Google justifies the ban

In explaining its decision, the U.S.-based search provider said that the company still remains troubled by CNNIC’s choice to grant a certificate to an Egyptian IT company. The Chinese internet agency issued a digital intermediate CA certificate to MCS Holdings, based in Egypt, for internal testing. Intermediate certificates enable their acquirers to issue certificates for any internet domain names, so therefore, there arises a strict need to regulate their use.

Vanguard’s move into PE may change the landscape forever

Private equity has been growing in popularity in recent years as more and more big-name funds and institutional investors dive in. Now even indexing giant Vanguard is out to take a piece of the PE pie. During a panel at the Morningstar Investment Conference this year, Fran Kinniry of Vanguard, John Rekenthaler of Morningstar and Read More


However, the Egyptian firm abused their privileges during a failed security test, and tried to cover it up, citing human error. As a result, Google along with CNNIC undertook an inquiry into the matter.

Even though CNNIC’s efforts were appreciated, Google still abandoned the Chinese agency as a recognized root certificate authority. However, the U.S. company suggested that the ban was temporary, and encouraged its Chinese partner to reapply after the appropriate technical and procedural measures are completed.

“We applaud CNNIC on their proactive steps, and welcome them to reapply once suitable technical and procedural controls are in place,” Google added.

Tough road ahead for CNNIC

CNNIC regulates China’s Internet Infrastructure and operates the .cn domain name system. Along with this, the agency is connected with the Chinese government, which has been alleged of initiating cyber-attacks against the US companies and activist groups.

In case of an impasse, Google’s decision to blacklist CNNIC-issued certificates could hinder the Chinese agency’s control of the internet in their region.

Banning certificates would mean that Google’s Chrome browser, after a future update, could clash with the sites provided by the Chinese internet authority. The current dispute will not impact customers already provided with certificates, but securing future users could be a daunting task for CNNIC. Furthermore, Mozilla canceled the certificate granted by CNNIC to MSC Holdings last month.