ProHoster > Blog > nkhani zapaintaneti > Ku Kazakhstan, ambiri othandizira agwiritsa ntchito njira za HTTPS

Ku Kazakhstan, ambiri othandizira agwiritsa ntchito njira za HTTPS

Malinga ndi omwe akugwira ntchito ku Kazakhstan kuyambira 2016 zosintha ku Lamulo la "On Communications", ambiri opereka chithandizo ku Kazakh, kuphatikiza kcell,
Beeline, Tele2 и Altel, kuyambira lero kuyikidwa mu ntchito machitidwe oletsa magalimoto a kasitomala a HTTPS m'malo mwa satifiketi yomwe idagwiritsidwa ntchito poyamba. Poyambirira, njira yodutsamo idakonzedwa kuti ichitike mu 2016, koma ntchitoyi idayimitsidwa nthawi zonse ndipo lamuloli lidayamba kuwoneka ngati lovomerezeka. Kudulira kumachitika pansi pobisalira nkhawa zokhudzana ndi chitetezo cha ogwiritsa ntchito komanso kufuna kuwateteza kuzinthu zomwe zingawopseza.

Kuletsa machenjezo mu asakatuli okhudza kugwiritsa ntchito satifiketi yolakwika kwa ogwiritsa ntchito zolembedwa kukhazikitsa pamakina anu"chiphaso cha chitetezo cha dziko", yomwe imagwiritsidwa ntchito poulutsa anthu otetezedwa kumasamba akunja (mwachitsanzo, kulowa m'malo mwa Facebook kwapezeka kale).

Kulumikizana kwa TLS kukakhazikitsidwa, satifiketi yeniyeni ya malo omwe mukufuna kusinthidwa imasinthidwa ndi satifiketi yatsopano yopangidwa pa ntchentche, yomwe imayikidwa ndi msakatuli kuti ndi yodalirika ngati "satifiketi yachitetezo cha dziko" idawonjezedwa ndi wogwiritsa ntchito pa chiphaso cha mizu. sitolo, popeza satifiketi ya dummy imalumikizidwa ndi unyinji wodalirika ndi "satifiketi yachitetezo cha dziko" .

M'malo mwake, ku Kazakhstan, chitetezo choperekedwa ndi protocol ya HTTPS chikusokonekera, ndipo zopempha zonse za HTTPS sizosiyana kwambiri ndi HTTP potengera kuthekera kotsata ndikusintha magalimoto ndi mabungwe anzeru. Ndikosatheka kuwongolera nkhanza mu chiwembu chotere, kuphatikiza ngati makiyi obisa okhudzana ndi "satifiketi yachitetezo cha dziko" agwera m'manja ena chifukwa cha kutayikira.

Opanga osatsegula akulingalira kupereka onjezani chiphaso cha mizu chomwe chimagwiritsidwa ntchito polowera pamndandanda wochotsa satifiketi (OneCRL), posachedwa Mozilla adalowa ndi ziphaso zochokera ku DarkMatter certification authority. Koma tanthawuzo la opaleshoni yotere silinadziwike bwino (m'zokambirana zam'mbuyomu zinkaonedwa ngati zopanda ntchito), chifukwa pa "satifiketi ya chitetezo cha dziko" chiphaso ichi sichimaphimbidwa ndi maunyolo odalirika komanso popanda wogwiritsa ntchito kuyika satifiketi, asakatuli awonetsa kale chenjezo. Kumbali ina, kusowa kwa mayankho kuchokera kwa opanga osatsegula kungalimbikitse kukhazikitsidwa kwa machitidwe ofanana m'mayiko ena. Monga njira, ikukonzedwanso kukhazikitsa chizindikiro chatsopano cha ziphaso zokhazikitsidwa kwanuko zomwe zimagwidwa ndi MITM.

Source: opennet.ru

Gulani kuchititsa kodalirika kwamasamba okhala ndi chitetezo cha DDoS, ma seva a VPS VDS Gulani malo odalirika osungira mawebusayiti okhala ndi chitetezo cha DDoS, ma seva a VPS VDS | ProHoster