Clarification on some media’s claim that “CNNIC has issued certificates for MITM attack”
On March 24th, some media reported Google's accusation that CNNIC has issued certificates for the Man-in-the-Middle (MITM) attack. In response to this report, CNNIC has the following Clarification.
1.CNNIC has not issued any certificate for the MITM attack. Google’s online security blog has not accused CNNIC for issuing certificates for the MITM attack either. Reports made by some media are inconsistent with the facts.
2.MCS, a server certificate partner of CNNIC, has confirmed that the sub-ordinate certificates improperly issued were only used for internal tests in its laboratory, which is a protected environment.
3.CNNIC has revoked its authorization to MCS on March 22nd.
4.CNNIC reserves the right to take further legal actions.
1.CNNIC has not issued any certificate for the MITM attack. Google’s online security blog has not accused CNNIC for issuing certificates for the MITM attack either. Reports made by some media are inconsistent with the facts.
2.MCS, a server certificate partner of CNNIC, has confirmed that the sub-ordinate certificates improperly issued were only used for internal tests in its laboratory, which is a protected environment.
3.CNNIC has revoked its authorization to MCS on March 22nd.
4.CNNIC reserves the right to take further legal actions.
China Internet Network Information Center(CNNIC)
March 25th, 2015
March 25th, 2015
Contact Us
TEL 010--58813000
Address:Floor 1, Building 1, Software Park, Chinese Academy of Sciences, 4 South 4th Street, Zhongguancun, Beijing
Postcode:100190
Tel:8610-58813000
Fax:8610-58812666
Website:www.cnnic.cn
www.日博365.tv.中国
Email:service@cnnic.cn(For Service)
supervise@cnnic.cn(For Complaint)