This looks like some had some fun
http://blog.wired.com/27bstroke6/2008/12/berlin.htmlA powerful digital certificate that can be used to forge the identity of any website on the internet is in the hands of in international band of security researchers, thanks to a sophisticated attack on the ailing MD5 hash algorithm, a slip-up by Verisign, and about 200 PlayStation 3s.
"We can impersonate Amazon.com and you won't notice," says David Molnar, a computer science PhD candidate at UC Berkeley. "The padlock will be there and everything will look like it's a perfectly ordinary certificate."
The security researchers from the U.S., Switzerland and the Netherlands planned to detail their technique Tuesday, at the 25th Chaos Communication Congress in Berlin.
The security hole was notified to verisign recently and they have fixed the MD5 issue but the master key generated from the exploit will still need to be revoked as it could be used in yet another exploit, something I,m sure the reserchers have allowed for
