Security News > 2022 > March > Moscow to issue HTTPS certs to Russian websites

Moscow to issue HTTPS certs to Russian websites
2022-03-11 04:55

Moscow has set up its own certificate authority to issue TLS certs to Russians affected by sanctions or otherwise punished for president Putin's invasion of Ukraine.

A notice on the government's unified public service portal states that the certificates will be made available to Russian websites unable to renew or obtain security certificates as a knock-on effect of Western sanctions and organizations refusing to support Russian customers.

The Register cannot imagine any of the mainstream browser devs will rush to make these Russian certs work in their applications.

As a bonus for Putin, it's rather easy for Kremlin spies to intercept, decrypt, and snoop on connections encrypted using certificates issued by the government.

The more websites using Moscow-issued certs, the more connections Putin's agents can quietly monitor.

Russia appears to have a need to run some defense, too, because entities using the name and iconography of hacktivist collective Anonymous claim to have cracked Russian telecoms and media regulator Roskomnadzor and lifted 820GB of data from one of its state offices.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/03/11/russian_ca/