Posted 12 октября 2022, 16:13
Published 12 октября 2022, 16:13
Modified 24 декабря 2022, 22:38
Updated 24 декабря 2022, 22:38
Irina Mishina
Site security certificates are specific protocols that allow the browser to understand that the resource that the user wants to go to is genuine and does not contain threats. The problem with these certificates began against the backdrop of sanctions. Prior to this, Russian sites used certificates issued by foreign certification centers. However, these certificates were revoked from many Internet resources back in the spring. Then some sites were left without documents from foreign certification centers. In response, the National Certification Center of the Russian Federation began to issue domestic security certificates.
But here a problem arose. If there are more sites that use domestic certificates, and, accordingly, users, Western developers can block them at the level of their own browsers, since they will no longer trust them. All this was already in Kazakhstan in 2019, when this country began to massively issue its own safety certificates. In the end, this idea was abandoned.
What are security certificates for? First of all, they encrypt traffic before establishing a connection, explains hacker Sergey Vakulin. Such certificates are needed so that a third party cannot intercept the data. If the browser cannot retrieve the document or if the certificate is blocked, the site will either not open or the information on it will not be displayed correctly, says cybersecurity expert Pavel Myasoedov. And on public services, trading systems and banking applications, an electronic digital signature may not work. When the site does open, there is a high risk that information from it will be intercepted by attackers.
“There is a problem, and it began with the fact that Sberbank began to use exclusively Russian security certificates. But this is an objective problem that exists not only in Russia. There are certain procedures that ensure the safety of users. A state can offer its own security certifications, but it can also fit into an accepted security system. Going through it is often long, difficult and you don’t want to. Kazakhstan followed this path, but abandoned its own security certificates, because many sites in this country began to be blocked. In general, your own security certificate does not guarantee full protection. If a potential attacker wants to intercept traffic, some data, he can succeed, ”Karen Kazaryan, general director of the Internet Research Institute, explained to NI.
If the browser cannot receive a security document or if the certificate is blocked, the site will either not open or the information on it will be displayed incorrectly, explained the director and partner of IT Reserve, cybersecurity expert Pavel Myasoedov.
“Sooner or later, Russia is quite capable of going on its own a long and important path towards recognition of its certificates in the international community of programmers. This is a procedure for trusting domestic certificates. It is a pity that the Russian encryption standard is supported exclusively by enthusiasts, and not by the state,” Karen Kazaryan, director general of the Internet Research Institute, told NI.
It is worth noting that a replacement for foreign browsers still exists. The simplest solution in the event of a forced abandonment of familiar foreign browsers is the transition to Russian technological solutions. Among such products, experts call the Chromium browser, which works best with various cryptographic applications such as electronic keys for digital signature. For simple tasks, the usual Yandex Browser or Atom is suitable. Also among domestic browsers, experts note Uran and Sputnik, reminiscent of the design and principle of operation of Chrome from Google.