In the wake of last week’s compromise at Comodo, which was use to issue fraudulent certificates, two more breaches have been announced.
Certification Authorities, or CAs, are at the top of the trust hierarchy for SSL connections. They are the people that verify that a certificate claiming to be from google.com is actually from Google. If a large CA is compromised, and certificates can be forged, the entire trust system built into SSL implementation begins to crumble. This is, to put it lightly, a Bad Thing.