And this is not using any fraudulent certificates.

But the idea is that a fraudulent certificate could be used to impersonate a website, for example, Yahoo!

An illegal immigrant could buy a fraudulent certificate, go to the nearest Social Security office and put his name in the new data base.

Then we're good until China starts coming up with fraudulent certificates.

For thousands of dollars in bribes, they wrote false inspection reports and issued fraudulent certificates.

Well, in their fraudulent certificate, they set that bit.

So they didn't just create a single fraudulent certificate.

It's also somehow getting you to a fraudulent server with a fraudulent certificate.

And so these guys had weeks to synthesize fraudulent certificates, all signed by somebody we all trusted.

It is therefore impossible for us to know how many fraudulent certificates exist, or which sites are targeted.