Russia now offers its own TLS (Transport Layer Security) certificate authority (CA), which is meant to fix the issue of renewing certificates issued in other countries.
Russia’s New TLS Certificate Authority
The move is connected to the numerous sanctions imposed by western companies and governments, which prevent Russian sites from renewing existing TLS certificates. This has caused browsers to block access to websites with expired certificates. To address the problem, Russia has created a solution in the form of an independent domestic certificate authority.
As explained by the Russian public services portal, Gosuslugi, the authority is meant to replace a foreign security certificate when it is revoked or expires. “The Ministry of Digital Development will provide a free domestic analogue. The service is provided to legal entities – site owners upon request within 5 working days,” the announcement said.
For the new authority to be trusted by web browsers, it first needs to be vetted by the companies behind them. This is usually a lengthy process. At the moment, the only browsers that recognize Russia’s new TLS authority are Yandex (which is Russian) and Atom products. Russian users are currently limited to these browsers, and are advised to use them rather than popular ones such as Google Chrome and Mozilla Firefox.
As for websites and services using the certificates, the list includes Sberbank, VTB, and the Russian Central Bank, Bleeping Computer reported.
Russian media has also been sharing a list that includes 198 domains that reportedly received a notice to use the domestic TLS certificate. For now, its use hasn’t been made mandatory.
Some have raised concerns that Russia could start abusing its certificate authority and carry out HTTPS traffic interception and man-in-the-middle attacks. For now, users of other browsers (such as Chrome and Firefox) can manually add the Russian root certificate in order to reach Russian websites running the state-issued certificate.