back to article Microsoft bins unloved Chinese cert shops

Microsoft's decided not to support digital certificates issued by Chinese outfits WoSign and StartCom, but the first-mentioned CA disputes the decision. Google, Apple and Mozilla binned WoSign certs in 2016. Microsoft says it has now “... concluded that the Chinese Certificate Authorities (CAs) WoSign and StartCom have failed …

  1. Anonymous Coward
    Anonymous Coward

    You just know those Chinese CA's are forced to share their root certs with the Chinese government.

  2. Anonymous Coward
    Anonymous Coward

    Why should we care what you say?

    There will come a day when an official statement will say that "our half of the Internet is the better half, we don't need your half at all. Goodbye!" and with that the GFW will shut the last open gateway. Self-sufficiency at last. Or something like that.

    1. Anonymous Coward
      Anonymous Coward

      Re: Why should we care what you say?

      The trouble is we don't know which is the good half. We certainly know that the western half is rather corrupt. We know that the US are snooping the western half. We can be pretty sure the lack of trust in Chinese cert shops was seeded by the US Gov. with all the large US companies complying with banning them. We know that China created a firewall, and there's evidence both ways for what traffic they want to stop going where.

      Maybe I'm paranoid, but the older I get the more I feel like our news is mostly propoganda. Certainly learning about world currency and finance has demonstrated a lack of truth around various wars and now I feel sorry for the victims of the west.

      1. Steve the Cynic

        Re: Why should we care what you say?

        "Maybe I'm paranoid, but the older I get the more I feel like our news is mostly propoganda."

        **Everybody's** news is mostly propaganda. I previously worked as a developer in the London office of a large US-based financial information service with its own news organisation. As a result, I had access to news wire feeds from the entire world. For amusement value, I ticked boxes to see headlines for a bunch of English-language feeds from countries scattered around the world.

        Boy, that was an eye-opener!

        Stories describing the same event looked completely different depending on where they came from. The most extreme differences were for news about events in the Middle East, comparing feeds from Europe, the US, Australia, India, Israel, and Iran, especially Iran. Wow. It was sometimes like they were talking about completely different things.

  3. Adam 1

    A CA has one job

    Guarantee me that the certificate provided by the website belongs to the folk that control that website. If what you do means that yes might not actually mean yes then you are failing at your one and only job. You are simply wasting space in my cert store.

  4. Ben Tasker

    > WoSign has labelled Microsoft's post “misleading”. In a post we've shoved through online translation engines, the company says its replaced its root certificate in November and that its recent certificates present no risk to users

    They said the same about the Firefox/Chrome de-trust.

    When I was looking at it last, I didn't find a conclusive answer on the truth of it, although they have submitted a new audit to try and get re-included in both Firefox and Chromium. But, crucially, the Chromium bug says they don't expect the audit to complete until October, so that's after the certs will have been distrusted.

    So my conclusion for anyone relying on WoSign was basically - ignore what they're saying, there's a greater than acceptable chance they're wrong and the certs won't be trusted.

  5. hellwig

    Based on Trust

    If you work in an industry based on trust, you can't really just say "whoops, let me try again". You lost that trust, it's over.

    It doesn't help when you're a Chinese company and no one can tell if your "mistakes" were deliberate actions taken on behalf of the government or not.

    1. Anonymous Coward
      Anonymous Coward

      Re: Based on Trust

      Have you ever asked yourself how you know that Chinese companies are untrustworthy, or why you think their government is intervening?

      Have you ever asked yourself also why you don't see the US government interfering with US companies as a similar issue? "The land of the free" is a marketing campagne, and a rather well executed one, but it's actually one of the most corrupt political systems in the world.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like