Firefox Is Considering Trusting Guangdong CA and It Raises Concerns
Mozilla’s Firefox has recently ceased trusting Wo Sign and StartCom, but it is now considering the Guangdong Digital Certificate Authentication center to join the root certificate, according to one discussion thread.
Some users have pointed out that the Guangdong Digital Certification Center official website has some serious flaws. Moreover, the English-language strategic proposal the center submitted to the Firefox is very different the one in Chinese
Some users have began asking Firefox to reject the request from the Guangdong digital certificate authentication center of trusting their CA.
In cryptography, a certificate authority or certification authority (CA) is an entity that issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others (relying parties) to rely upon signatures or on assertions made about the private key that corresponds to the certified public key.
In this model of trust relationships, a CA is a trusted third party—trusted both by the subject (owner) of the certificate and by the party relying upon the certificate. The most commonly encountered public-key infrastructure schemes are those used to implement https on the world-wide web. All these are based upon the X.509 standard and feature CAs.