| Developers: | Solar (formerly Rostelecom-Solar) |
| Date of the premiere of the system: | 2024/04/18 |
| Branches: | Information security |
| Technology: | Information Security - Encryption Tools |
Main article: Cryptography
2024: Launch of the secure access service to web resources GOST TLS
On April 18, 2024, the Solar Group of Companies announced the launch of the GOST TLS secure access service to web resources, which provides a secure user connection to the site through certified CIPFs. The service runs on domestic algorithms and is compatible with foreign ones. This allows site owners to keep the data of their users safe, even if Western CAs (certification centers) decide to revoke certificates confirming protection.
To work using the HTTPS secure connection protocol ("s" - secure), the site needs to obtain an SSL certificate - it confirms the authenticity of the resource itself and is used to encrypt user data. Previously, they were issued by foreign certification centers, but since 2022, a number of Russian organizations that were included in the sanctions lists of unfriendly [countries of the world]] have faced the revocation of certificates. Among them are large banks and websites of state-owned companies.
For April 2024, companies can receive security certificates from, Ministry of Digital Development of the Russian Federation but using the international cryptographic algorithm RSA. For full-fledged import substitution GOST TLS from Solar, it protects traffic between the user and the domestic site to algorithm enciphering with a certificate of the Russian commercial CA. If the domestic algorithm is not supported by the user's device, then a secure connection will be provided using a foreign analogue.
Solar specialists will take responsibility for obtaining a TLS certificate, as well as the operational connection and operation of a TLS crypto gateway. Depending on the customer's requirements, the service can be deployed both on the Solar infrastructure, in the cloud or virtual DPC in the customer.
In addition, the client will regularly receive an individual report with information on the number of connections according to Western and Russian algorithms, the validity of certificates and the details of the encrypted communication channel. Also, experts will respond to incidents related to CIPF.
As of April 2024, the service has been deployed on one of the major federal portals, and has also been successfully tested on Solar's internal web resources.
 | Most Russian sites continue to use foreign certificates, despite the risks of revoking them or refusing to issue new ones. The GOST TLS service will help companies and state institutions ensure the independence of their resource from foreign certification centers and adapt to possible legislative changes in issuing domestic security certificates, and as a result - increase user confidence in their web resources, - explained Alexander Veselov, head of GOST VPN at Solar Group. |  |
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |