Google's about to blacklist thousands of Chinese websites
China's relationship with America's tech firms is barely friendly, but things are about to get that little bit rougher. Google has announced that it'll stop trusting the security certificates provided by CNNIC, China's Internet Network Information Center. The dust-up between the two is pretty dry, but all you need to know right now is that if you visit a website that begins with https:// and ends with .cn, Chrome's about to bombard you with warning messages.
The trouble was caused by MCS Holdings, an Egyptian certification outfit that operated with CNNIC's blessing. According to Ars Technica, the company issued certificates that could be used for man-in-the-middle proxies, enabling nefarious types to track otherwise private online activity. Google doesn't believe that MCS was acting maliciously, and blames CNNIC for delegating its responsibility to an "organization that was not fit to hold it."
Google rejection of CNNIC certificates will affect new Chinese encrypted sites. Those start in "https" and end in ".cn"
- Eva Dou (@evadou) April 2, 2015
According to Google's blog, both the search engine and the CNNIC have agreed that the latter's security certificates will no longer be deemed trustworthy by Chrome. There'll be an as-yet unstated grace period for websites to re-certify with a new provider, but after that point, the browser will ask you if you're sure you want to visit a site it considers untrustworthy. Once CNNIC has cleaned house, it'll be entitled to reapply for a trusted position in Google's hearts.
There's a little nugget of controversy here, too, since CNNIC doesn't necessarily agree with Google's assertions. The Wall Street Journal is reporting that the Chinese agency disagrees with the act, saying that the decision is "difficult to understand and accept." Mozilla users, meanwhile, are also being taken care of, although the team behind the Firefox browser aren't ready to say what their plan is just yet.
