Moscow has set up its own certificate authority to issue TLS certs to Russians affected by sanctions or otherwise punished for president Putin’s invasion of Ukraine.
A notice on the government’s unified public service portal states that the certificates will be made available to Russian websites unable to renew or obtain security certificates as a knock-on effect of Western sanctions and organizations refusing to support Russian customers. These certs are primarily useful for providing secure HTTPS connections.
The portal is silent on which browsers will accept the certs. This is a critical matter, because if browsers don’t recognize or trust the certificate authority that issued a cert, a secure connection isn’t generally possible. The Register cannot imagine any of the mainstream browser devs will rush to make these Russian certs work in their applications.
Russians do have a local alternative. Yandex, the nation’s Google analog, has won 16 per cent local market share with its YaBrowser – well behind the 55 per cent share Stat Counter attributes to Google’s Chrome.
If Yandex recognizes Russia’s certs, and can quickly upgrade users and win tens of million more, Russia’s plans just might fly. As a bonus for Putin, it’s rather easy for Kremlin spies to intercept, decrypt, and snoop on connections encrypted using certificates issued by the government. The more websites using Moscow-issued certs, the more connections Putin’s agents can quietly monitor.
Russia, meanwhile believed to be behind recent disruption at Ukrainian telecoms providers. Russia appears to have a need to run some defense, too, because entities using the name and iconography of hacktivist collective Anonymous claim to have cracked Russian telecoms and media regulator Roskomnadzor and lifted 820GB of data from one of its state offices.
Cryptography which Russia has rightly identified as a key issue in the economic dimension of this conflict – will also be a critical tool if the flow of information unmolested by Vladimir Putin ever resumes in Russia.