Both Google Chrome and Mozilla’s Firefox will stop trusting new digital certificates that of the issued by China Internet Information Center (CNNIC) following last week’s breach that saw unauthorized security certificates for various Google URLs.

In simple terms, CNNIC issued certificates to Egypt –based MCS Holdings in the name of various Google domains, which is eventually was used as a man-in-the-middle attack. It could then be used to intercept data by fooling browsers that they were legitimate security certificates issued to the true domain.

As part of the agreement which all certificate authorities are bound to, they are not permitted to issue a certificates for domains that are not under the control of the requesting party. In essence the should stop anyone from being issued a certificate for a site such as Google.com, unless they own the domain.

This does bring up the issue where users need to ensure they are buying a secure certificate from a legitimate source. Especially with the HTTPS ranking boost, albeit a small one, many website owners are purchasing cheap security certificates without knowing how legitimate the certificate sellers actually are.

CNNIC claims there will be no impact on any of our current customers, however it wouldn’t be surprising to see many websites changing from CNNIC as a result.

While both Google Chrome and Mozilla Firefox state they will no longer trust CNNIC certificates in their browsers, Microsoft is still investigating the possibility.

And it is probably worth double checking to ensure that your certificate does not somehow traced back to CNNIC, but also to just research how legitimate the companies are you purchased certificates from, as this unfortunately probably will not be the last time we hear of some sort of shady certificate shenanigans going on.