Google China (Photo : Reuters)
Google decided to not let digital certificates from the China Internet Network Information Center through to its Chrome browser after a major trust breach a week ago which resulted into the dissemination of unauthorized credentials from Google domains.
The tech giant's move has several huge consequences that Google Chrome users will experience such as no connectivity to a wide range of banking and e-commerce sites such as Alibaba, the largest in China. This is because of its decision to stop recognizing CNNIC-issued web certificates.
However, Google is still giving time to affected website administrators to obtain new web credentials from any other authority besides the CNNIC.
After the grace period is over, engineers from the California-based search engine giant will begin blacklisting web certificates from CNNIC in their Chrome browser and other software, maybe extending even in Android.
Mozilla is also considering following the decision.
The Firefox creator is discussing with the Mozilla community on whether it will also reject the CNNIC certificates.
Unlike the search engine giant, Mozilla is also considering to let CNNIC re-apply, but with several additional requirements.
MCS Holdings, who operates under CNNIC, from Egypt is the one who issued the unauthorized certificates. CNNIC. MCS used the unauthorized web certificates in question in a man-in-the-middle proxy, according to Ars Technica.
For the uninitiated, the proxy can be used to intercept secure connections by fooling servers. Usually, the activity is used to monitor staff Internet traffic for legal reasons.
Meanwhile, the CNNIC posted a statement on its website on Thursday, urging Google to "consider" the decision for users and that it was difficult to accept, according to Bloomberg.
This is not the first time Google protested against Chinese censorship. In 2010, it moved most of its web services outside China as an effort to stand against the Great Firewall of China.
