Google Blacklisting Sites Approved By China's Internet Certificate Authority
The war between American tech firms and China is about the get uglier as Google plans to blacklist websites approved by China's Internet Certificate Authority.
For users, it simply means that upon visiting a website that begins with https:// and ends with .cn, Chrome will bombard you with warning messages.
The trouble was caused with by MCS Holdings, an Egyptian certification outfit that operated with CINIC's blessing. The company, reportedly issued certificates that could be used for man-in-the-middle proxies, enabling nefarious types to track otherwise private online activity.
According to Google, MCS wasn't acting maliciously and has blamed CINIC for delegating its responsibility to an "organization that was not fit to hold it."
"Chrome users do not need to take any action to be protected by the CRLSet updates. We have no indication of abuse and we are not suggesting that people change passwords or take other action. At this time we are considering what further actions are appropriate," official Google Online Security Blog noted.
After clearing up, CNIC will be entitled to reapply for a trusted position in Google's hearts.
According to WSJ, the Chinese agency disagrees with the act, saying that the decision is "difficult to understand and accept."
"As a result of a joint investigation of the events surrounding this incident by Google and CNNIC, we have decided that the CNNIC Root and EV CAs will no longer be recognized in Google products," the blog post noted.