Security News > 2022 > March > Russian Pushing New State-run TLS Certificate Authority to Deal With Sanctions

The Russian government has established its own TLS certificate authority to address issues with accessing websites that have arisen in the wake of sanctions imposed by the west following the country's unprovoked military invasion of Ukraine.

According to a message posted on the Gosuslugi public services portal, the Ministry of Digital Development is expected to provide a domestic replacement to handle the issuance and renewal of TLS certificates should they get revoked or expired.

TLS certificates are used to digitally bind a cryptographic key to an organization's details, enabling web browsers to confirm the domain's authenticity and ensure that the communication between a client computer and the target website is secure.

What's not clear is whether web browsers such as Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari, intend to accept the certificates issued by the new Russian certificate authority so that safe connections to the certified servers can work as intended.

According to a tweet shared by Juan Andres Guerrero-Saade, principal threat researcher at SentinelOne, the public services agency is recommending the use of Russian browsers like Yandex and Atom.

"To have access to all sites and the necessary online services, including public services, we recommend installing browsers that support the Russian certificate," the email reads.

News URL

https://thehackernews.com/2022/03/russian-pushing-its-new-state-run-tls.html