Internet services giant Google (GOOGL.NASDAQ) announced it would no longer recognize online security certificates issued by the official China Internet Network Information Center (CNNIC) after the latter issued certificates for unapproved domains that could compromise encryption protocols used by secure websites, South China Morning Post reported. The CNNIC told Google that it had contracted Mongolia-based MCS holdings to issue the certificates, but “rather than keep the private key in a suitable [hardware security module], MCS installed it in a man-in-the-middle proxy. These devices intercept secure connections by masquerading as the intended destination and are sometimes used by companies to intercept their employees’ secure traffic for monitoring or legal reasons,” Google said.
You must log in to post a comment.