• Home
  • Archive
  • Disclosure
    • Disclaimer
    • Comment Policy
    • Privacy Policy
  • Just Three
  • Contact
    • Who Am I ?
    • What does Ethereal Mind mean ?

EtherealMind

Software Defined & Intent Based Networking

You are here: Home / Blog / Musing / Musing: Google Establishes CA Root Authority.

Musing: Google Establishes CA Root Authority.

29th January 2017 By Greg Ferro Filed Under: Musing

Google continues to build out its ownership of key Internet infrastructure. Email/Spam filtering, Chrome Browser, DNS

As we look forward to the evolution of both the web and our own products it is clear HTTPS will continue to be a foundational technology. This is why we have made the decision to expand our current Certificate Authority efforts to include the operation of our own Root Certificate Authority. To this end, we have established Google Trust Services (https://pki.goog/), the entity we will rely on to operate these Certificate Authorities on behalf of Google and Alphabet.

Thoughts, in no particular order:

  1. Bought company with root certificates to shorten lead time to control
  2. Ownership of and widespread use of Chrome web browser, DNS and trusted root certificates means that Google has unprecedented amount of control over user data regardless encryption.
  3. Can silently MITM any traffic in browser by combining web browser and certificate configuration
  4. Data gathering from DNS servers for destinations, source addresses/geolocation, usage profiling
  5. Chrome already prevents many privacy and usability features available in other browsers e.g. Reading mode,
  6. Adds to data-gathering possibilities from web services that predict searches, URLs and spelling errors built into browser

One of the base assumptions for internet safety was that functions would be widely distributed which included the spread of companies that could control and operate these functions. While BGP and routing is still “unowned” critical services like DNS and TLS are being owned by private corporations (Google, Cisco, Oracle etc) and Governments (China, Russia).

This is a disturbing pattern.

Google Online Security Blog: The foundation of a more secure web : https://security.googleblog.com/2017/01/the-foundation-of-more-secure-web.html

About Greg Ferro

Human Infrastructure for Data Networks. 25 year survivor of Corporate IT in many verticals, tens of employers working on a wide range of networking solutions and products.

Host of the Packet Pushers Podcast on data networking at http://packetpushers.net- now the largest networking podcast on the Internet.

My personal blog at http://gregferro.com

Network Break Podcast

Network Break is round table podcast on news, views and industry events. Join Ethan, Drew and myself as we talk about what happened this week in networking. In the time it takes to have a coffee.

Packet Pushers Weekly

A podcast on Data Networking where we talk nerdy about technology, recent events, conduct interviews and more. We look at technology, the industry and our daily work lives every week.

Our motto: Too Much Networking Would Never Be Enough!

Find Me on Social Media

  • LinkedIn
  • RSS
  • Twitter
  • YouTube

Return to top of page

Copyright Greg Ferro 2008-2019 - Thanks for reading my site, it's been good to have you here.

Opinions, Views and Ideas expressed here are my own and do not represent any employer, vendor or sponsor.Full disclosure