“Google has pushed out an update that blocks an intermediate digital certificate for *.google.com after discovering that a Turkish certificate authority had mistakenly issued intermediate certificates to two organizations that should only have gotten normal SSL certificates. That error gave those two organizations the power to issue certificates that carried the same authority as the CA itself. One of the groups that obtained the intermediate certificate is a Turkish government agency and at least one of the major browser vendors said there was evidence the ceritificates had been used in an active attack.”
