Google’s move over digital certificates annoys Chinese net administrator

04 Apr 2015

A Chinese internet administrator slammed Google on Thursday, after the US search giant decided to stop recognising digital certificates issued by the group following a security lapse.

China's Internet Network Information Center (CNNIC) said in an online posting: ''The decision that Google has made is unacceptable and unintelligible.''

Following the decision, Google's Chrome browser could end up clashing with sites served by the Chinese Internet agency.

On Wednesday, Google explained the move in an update to an earlier blog posting and said it was still concerned over the manner in which CNNIC issued a certificate to an IT company based in Egypt in a botched security test.

It was not known how many sites had certificates from CNNIC.

Questions were raised about CNNIC's certificates last week, when it emerged that Egypt-based MCS Holdings was issuing certificates under CNNIC's authority, which were then used to intercept internet communications, which meant visitors to supposedly secure websites could actually have their data stolen.

Though a joint investigation by Google and CNNIC was conducted, the US company decided to drop the Chinese Internet agency as a recognised root certificate authority.

CNNIC slammed Google's decision as ''unacceptable and unintelligible'', in a statement. However, Google said this was only a temporary measure.

''We applaud CNNIC on their proactive steps, and welcome them to reapply once suitable technical and procedural controls are in place,'' Google added.

If the issue was not amicably settled, Google's decision could hamper the Chinese internet agency's reach according to commentators.

Google's Chrome browser would issue a warning upon encountering new CNNIC-issued certificates, to alert the user to the access risks.

Digital certificates are important, and their  abuse could see hacking attacks against unsuspecting users.

Internet browsers like Chrome use security certificates to flag sites that are safe for users, but they depend on the trust of issuing authorities like CNNIC, which check that connections are secure.

The certificates are especially important for shopping and banking sites, so that users know the sites can be trusted with their details.