China Internet Network Information Center
The China Internet Network Information Center, or CNNIC, is the administrative agency responsible for Internet affairs under the Ministry of Industry and Information Technology of the People's Republic of China.
Domain name registry service
CNNIC is responsible for operating and administering China’s domain name registry. CNNIC manages both the ".cn" country code top level domain and the Chinese Domain Name system (Internationalized domain names that contain Chinese characters). As of June 2015, the total number of Chinese domain names is 22,310,000.
As of January 2009, CNNIC only opens the CN domain to registered businesses, requires supporting documentations for domain registration such as business license or personal ID, and suspended overseas registrars even for domestic registrants. CNNIC denies that it mandates existing personal domain names to be transferred to businesses. Trend Micro suggests this move is still not enough to stop modern security threats from the .cn domain.
IP address and Autonomous System number (AS number) allocation service
CNNIC allocates Internet Protocol (IP) addresses and AS Numbers to domestic ISPs and users. CNNIC is a National Internet Registry (NIR) acknowledged by the Asia-Pacific Network Information Center (APNIC). In late 2004 CNNIC launched an “IP Allocation Alliance” which simplified the procedures for obtaining IP addresses.
Catalogue Database Service
CNNIC is responsible for the creation and maintenance of the state top-level network catalog database. This database provides information on Internet users, web addresses, domain names, and AS numbers.
Technical research on Internet addressing
Internet survey and statistics
CNNIC has conducted, and continues to conduct, surveys of Internet information resources. CNNIC maintains statistics on topics such as Internet bandwidth in China, Domain Name registrations, and Internet Development in China.
International liaison and policy research
As the national Network Information Center (NIC), CNNIC maintains cooperative relationships with other International Internet Communities, and works closely with NICs of other countries.
Secretariat of the Internet Policy and Resource Committee, Internet Society of China (ISC)
CNNIC serves as the Secretariat of the Internet Society of China’s Internet Policy and Resource Committee. The Policy and Resource committee is in charge of tasks such as providing policy and legislation oriented suggestions to promote the growth of China’s internet, facilitating the development and application of Internet resources and relevant technologies, and actively participating in the research work of domestic Internet development and administration policies.
Secretariat of the Anti-Phishing Alliance of China (APAC)
In July 2008, a broad alliance of Chinese online commerce stakeholders, including CNNIC, all major Chinese commercial banks and web hosting companies, founded the Anti-Phishing Alliance of China (APAC) in order to tackle phishing activities that abuse .cn sub-domain names. CNNIC also functions as the secretariat of APAC.
In October 2009, the alliance announced its cooperation with two new members - Netcraft and Maxthon, who will help the alliance to process and verify various phishing reports, and add the confirmed phishing URLs to Netcraft's phishing site feed and Maxthon's phishing blacklist.
In 2015 Google discovered that CNNIC had issued an intermediate CA certificate to an Egypt-based firm that used CNNIC's keys to impersonate Google domains. Google responded by removing CNNIC's root certificate from the certificate store in Google Chrome and all of Google's products.
Mozilla responded to the incident, stating that
"The Mozilla CA team believes that CNNIC’s actions amount to egregious behaviour, and the violations of policy are greater in severity than those in previous incidents. CNNIC’s decision to violate their own Certification Practice Statement is especially serious, and raises concerns that go beyond the immediate scope of the misissued intermediate certificate. After public discussion... we are planning to change Firefox’s certificate validation code such that it refuses to trust any certificate issued by a CNNIC root with a notBefore date on or after 1 April 2015."
- "中国互联网络信息中心". Cnnic.net.cn. Archived from the original on 2020-05-13. Retrieved 2020-03-01.
- "China Imposes New Internet Controls". Archived from the original on 2015-11-07. Retrieved 2017-02-24.
- "CNNIC Suspends New Foreign .CN Registrations Indefinitely". Archived from the original on 2010-01-15. Retrieved 2010-01-07.
- "传CN个人域名须转公司名下 CNNIC收紧域名审核". Archived from the original on 2010-01-13. Retrieved 2010-01-07.
- "Trend Micro Advisory on CNNIC Domain Registration Requirements". Archived from the original on 2012-09-11. Retrieved 2010-02-01.
- "CNNIC to Provide Easier IP Address Allocation Procedures". Archived from the original on 2008-10-01. Retrieved 2008-05-11.
- CNNIC Internet Statistics Archived 2008-05-16 at the Wayback Machine
- ".CN phishing sites to be stopped resolution". Archived from the original on 2008-08-22. Retrieved 2008-07-24. Cite journal requires
- "China forms anti-phishing alliance". Blog.anta.net. 2008-07-24. ISSN 1797-1993. Archived from the original on 2012-12-20. Retrieved 2008-07-24.
- "Google Online Security Blog: Maintaining digital certificate security". Googleonlinesecurity.blogspot.se. 2015-03-23. Archived from the original on 2016-03-07. Retrieved 2020-03-01.
- The MCS Incident and Its Consequences for CNNIC Archived 2015-04-03 at the Wayback Machine 2.3. Distrusting New CNNIC Certificates Mozilla 1 April 2015, pg 9.