Google has announced it will no longer accept certificates from the China Internet Network Information Center (CNNIC) following a major breach of false certificates issued by MCS Holdings in Cairo, the company who handles quite a few .cn domains.
The false certificates may have allowed unverified and malicious websites to obtain clearance, passing through web browser checks. Google claims this is reason enough to pull CNNIC’s certificates, although the web registrar in charge of millions of domain certificates is not happy.
In a statement the CNNIC called Google’s decision “unacceptable and unintelligible”. The decision will mean banks and government sites certified by the CNNIC will not be given the green tick by Google, but show a red cross instead.
Google is holding onto terms with CNNIC for a short time, but will remove the certificates from its database. The search giant has said the CNNIC is welcome to reapply once it sorts its system out and make sure no internal breaches of interest happen again.
It is not the first time Google and China’s internet regulator have clashed heads. In 2010, Google removed search from China following a lengthy amount of government requests and privacy violations. This has lead to Baidu—the Chinese language search engine—becoming the second most used search engine worldwide.
Google has also been seeing recent activity from the Chinese government to block Gmail. Even though Android is the most popular OS and Google Chrome the most popular web browser in the country, Google Play is blocked and most of Google’s apps are banned or unused.
The Chinese government has also been busy attacking GitHub, the coding databank for developers and casuals, attacking two areas directly angering the government. The first was a network allowing Chinese people to see the internet without the Great Firewall, the other was the New York Times translated into Chinese.