Security News > 2022 > March > Russia Issues Its Own TLS Certs
Russia is offering its own trusted Transport Layer Security certificate authority to replace certificates that need to be renewed by foreign countries.
According to a notice on Russia's public service portal, Gosuslugi, as shown in a translated version in this article's featured art, the certificates will replace foreign security certs if they expire or get yanked by foreign CAs.
Over the past two weeks, Russia's internet services have been cut off by multiple major U.S. internet suppliers, including Cogent Communications, reportedly the second-largest internet carrier servicing Russia.
"I would like to convey to people all over the world that if you turn off the Internet in Russia, then this means cutting off 140 million people from at least some truthful information. As long as the Internet exists, people can find out the truth. There will be no Internet - all people in Russia will only listen to propaganda."
Somebody with a Mozilla domain email on Thursday started a thread to discuss examination of the new root Russia cert, pointing to the possibility of the Russian government using it to start mand-in-the-middle attacks - though, they said, none had been detected as of yesterday.
"Although at present there's no MitM, it's likely that government websites will start using this and once adoption is high enough Russia will perhaps start MitM," they said.
News URL
https://threatpost.com/russia-issues-its-own-tls-certs/178891/