Experts Warn of a Weak Link in the Security of Web Sites
By MIGUEL HELFT August 13, 2010
SAN FRANCISCO - Computer security researchers are raising alarms about vulnerabilities in some of the Web's most secure corners: the banking, e-commerce and other sites that use encryption to communicate with their users.
Those sites, which are typically identified by a closed lock displayed somewhere in the Web browser, rely on a third-party organization to issue a certificate that guarantees to a user's Web browser that the sites are authentic. But as the number of such third-party "certificate authorities" has proliferated into hundreds spread across the world, it has become increasingly difficult to trust that those who issue the certificates are not misusing them to eavesdrop on the activities of Internet users, the security experts say.
...