Josh Triplett writes "As reported by LWN, Mozilla has accepted the China Internet Network Information Center (CNNIC) as a trusted CA root. This affects Firefox, Thunderbird, and other products built on Mozilla technologies. The standard period for discussion passed without comment, and Mozilla accepted CNNIC based on the results of a formal audit. Commenters in the bug and the associated discussion have presented evidence that the Chinese government controls CNNIC, and claims of malware production and distribution and previous man-in-the-middle attacks in China via their secondary CA root from Entrust.
As usual, please refrain from blindly chiming into the discussion without supporting evidence. Since Mozilla has already accepted CNNIC as a trusted root CA, the burden seems to rest with those who argue for its removal."
Link to Original Source