An anonymous reader writes Vasco, the owner of CA DigiNotar involved in MITM attacks on users of Google Iran responded to their issues a certificate issued fraudulent press release reads:. On July 19, 2011, DigiNotar detected intrusion into its certification authority (CA) infrastructure, which resulted in the fraudulent issuing of public key certificate requests for a number of areas, including Google.com. Once it has detected the intrusion, DigiNotar acted in accordance with all rules and procedures. At that time, an external security audit has concluded that all certificates issued illegally were dismissed. More recently, it was discovered that at least one false certificate was not revoked at the time. After being notified by the Dutch government organization Govcert, DigiNotar took immediate action and dismissed the fraudulent certificate. It is not clear if the certificate is used in Iran, or if d Other certificates are still at large. I guess the removal of the root certificate from browsers is the correct answer.