The state will monitor the security of data transmission in the domestic segment of the Network
Photo: Dmitry Korotaev / Kommersant
The presidential administration is now working to create a state certification authority (CA), which will issue state SSL certificates to sites in the Russian-language segment of the Network, Kommersant
reports . “A huge number of sites in RuNet use a secure connection: online stores, payment systems, government services, where the user enters his personal data. The state portal gosuslugi.ru uses an SSL certificate issued by TC of the American company Comodo, and the portal FTS nalog.ru uses an SSL certificate from Thawte, owned by Symantec. If for some reason they revoke these certificates, this could jeopardize secure data transfer in runet, ”said a source close to the presidential administration (AP).
')
Ilya Massuh, head of the Information Democracy Foundation, also announced the launch of such a project. He said, in particular, that the creation of CA would be discussed by a special working group “on the use of the Internet information and telecommunications network in the domestic economy”. This group was created in early February of this year by the decision of the head of the presidential administration Sergey Ivanov. Within the group, a subgroup “Internet plus sovereignty” was created, in which “proposals for creating a CA will be developed taking into account the opinions of experts and companies developing domestic browsers — Yandex Browser” and Sputnik.
The basis for creating the TC will be the Internet Technical Center (TCI). Its co-owners are the Coordination Center for the National Internet Domain and the Internet Development Fund. “To ensure security and protection against data collection, it is necessary not only to create a Russian CA and add it to the“ trusted ”in all operating systems and browsers, but also to use the SSL protocol with Russian encryption algorithms in all operating systems installed on Russian computers, - commented on the situation, the commercial director of "Crypto-Pro" Yuri Maslov.
In order to make the domestic SSL certificate popular, it is planned to oblige companies operating in the Russian Federation to integrate such certificates into their products. Creating a CA and developing support for a domestic root certificate will require about 4-5 years of time and 200-300 million rubles of funds. One of the sources close to the initiators of the project, said that it is planned to hold a series of negotiations with the developers of the OS and browsers. If these companies do not meet, we will have to use "legislative measures".