Re: That Chrome error message is dangerously misleading.
Can someone remind me how untrustworthy the authority is? e.g. could a criminal set up a fake bank site with a fake certificate that pretends to be legitimate? There was something about all the private keys of certificates having been released in the public domain - was that it? or anyway sent in insecure, possibly logged plain e-mail. Sorry, I have a hazy understanding at best of the techy part of this.
What I'm getting at is: should we presume that the certificates are already in the hands of evildoers? In which case, letting them be used at all now is inappropriately putting mercy over safety?