Connect with us

PressRelease

To avoid sanctions, Russia establishes its own TLS certificate authority.

Published

on

Russia establishes its own TLS

As a result of restrictions preventing certificate renewals, Russia has established its own trustworthy TLS certificate authority (CA) to address growing website access issues.

Due to the restrictions put in place by western businesses and governments, Russian websites are unable to renew their TLS certificates, which results in browsers blocking access to sites with expired certificates.

TLS certificates assist the web browser in verifying that a domain is associated with a recognised organisation and that information being transmitted between the user and the server is encrypted.

The inability of signing authority situated in nations that have placed sanctions on Russia to accept fees for their services prevents numerous websites from being able to renew their expired certificates.

Web browsers including Google Chrome, Safari, Microsoft Edge, and Mozilla Firefox may display full-page warnings that the sites are vulnerable once a certificate expires, which may cause many people to leave the website.

A national authority

For the autonomous issuance and renewal of TLS certificates, the Russian government has envisioned a local certificate authority as a potential option.

If the foreign security certificate is revoked or expires, it will be replaced with this one. A free domestic analogue will be offered by the Ministry of Digital Development. According to the Russian public services web Gosuslugi, the service is offered to legal entities – site owners upon request and is delivered within 5 working days (translated).

However, it might take a while for new Certificate Authorities (CA) to pass scrutiny from various businesses before being trusted by web browsers.

The Yandex browser and Atom products from Russia are the only web browsers that now acknowledge Russia’s new CA as reliable, thus Russian consumers are advised to use them rather than Chrome, Firefox, Edge, etc.

Sberbank, VTB, and the Russian Central Bank are among the websites that have previously obtained and are already utilising these state-provided certifications.

A list of 198 domains with a notification to use the local TLS certificate has purportedly been distributed in Russian media, but its usage is not now required.

A questionable proposition

Users of other browsers can manually apply the new Russian root certificate to keep accessing Russian websites that use the state-issued certificate. Examples of these browsers include Chrome and Firefox.

However, this raises fears that Russia may misuse its CA root certificate to carry out man-in-the-middle attacks and intercept HTTPS data.

The new root certificate would eventually be added to the list of certificates that have had their validity revoked as a result of this misuse (CRL).

As a result, Chrome, Edge, and Firefox will prohibit access to any websites utilising these domestic certificates, rendering them invalid.

All parties are obliged to trust certificate authority. However, it is doubtful that the main browser vendors will add Russia to their root certificate stores given that it does not already have any level of confidence.

To mitigate the negative effects of Western sanctions on its economy, Russia has taken some extreme steps. Many have assumed that the moment has come to shut off communication with the world internet and move its users to the “Runet.”

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

four + one =

PressRelease

Sources:On Monday, Facebook will reveal a range of music products, such as a Clubhouse-like app, a podcast discovery service integrated with Spotify, and more. (Vox, Peter Kafka)

Published

on

sources monday spotifykafkavox

Sources:On Monday, Facebook will reveal a range of music products, such as a Clubhouse-like app, a podcast discovery service integrated with Spotify, and more. (Vox, Peter Kafka)

Peter Kafka / Vox:

Several audio products, including a Clubhouse-like app, a podcast finding service integrated with Spotify, and more, will be unveiled by Facebook on Monday, according to sources. On Monday, there will be announcements, although some things won’t be available for some time. — Facebook wants you to start communicating with others on the site.

Continue Reading

PressRelease

ByteDance’s founder Zhang Yiming steps down as Executive Chairman

Published

on

Zhang Yiming
The founder of TikTok’s parent company ByteDance founder Zhang Yiming has stepped down as chairman after announcing last May he was resigning as CEO and moving into a strategy role. New CEO Liang Rubo has taken over as chairman of the company’s board. The news comes shortly after the company announced a major organisational reshuffle at ByteDance to create six separate business units.
Continue Reading

PressRelease

Uber and Lyft will share data on banned drivers to protect passengers

Published

on

Uber
Rival companies Uber and Lyft have announced their plans to share with each other the names of drivers that have been banned from their platform, in an effort to increase passenger’s safety. The two apps have been criticised in the past for their handling of sexual assault and other safety concerns. Uber has revealed that in 2018 there were 3,045 sexual assaults and nine murders in its cars.
Continue Reading

Trending