Skip to content

BBC Chinese: Google Rejected CNNIC Issued Web Certificates

BBC Chinese recently reported that Google announced on April 1 that it will no longer trust the certificates that the CNNIC (China Internet Network Information Center) issues. The decision means that Google’s popular web browser Chrome will no longer recognize the web sites that carry CNNIC certificates, which are meant to provide proof that the site can be trusted. Chrome will instead issue a security warning to the users and recommend that they not open the web page. CNNIC then issued a statement calling Google’s move, “difficult to understand and accept.” Google officially explained that the decision was based on the fact that CNNIC allowed the Egyptian company, MCS Holdings, to issue unauthorized certificates for a number of Google domains (in short, a domain is an identifier for a computer on the network). This left users and websites vulnerable for hackers to conduct “man-in-the-middle” attacks (the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other). After learning of Google’s announcement, both Microsoft and Mozilla also revoked CNNIC certificates. Google, Microsoft, and Mozilla are the top three browsers in the world. 
Source: BBC Chinese, April 2, 2015
http://www.bbc.co.uk/zhongwen/simp/china/2015/04/150402_china_google_internet