Moscow to issue HTTPS certs to Russian websites

From theregister.com

Moscow has set up its own certificate authority to issue TLS certs to Russians affected by sanctions or otherwise punished for president Putin’s invasion of Ukraine.

notice on the government’s unified public service portal states that the certificates will be made available to Russian websites unable to renew or obtain security certificates as a knock-on effect of Western sanctions and organizations refusing to support Russian customers. These certs are primarily useful for providing secure HTTPS connections. Delivery of the certificates is promised within five days of requests.

The portal is silent on which browsers will accept the certs. This is a critical matter, because if browsers don’t recognize or trust the certificate authority that issued a cert, a secure connection isn’t generally possible.¬†The Register¬†cannot imagine any of the mainstream browser devs will rush to make these Russian certs work in their applications.

Read more…