Apropos some of the recent discussion we've had here of various Debian
signing keys.
A major CA (certificate authority) has issued fake SSL certs for
Google.com, Yahoo.com, and Skype.com (and apparently 6 other sites)
after its signing keys were compromised.
http://threatpost.com/en_us/blogs/phony-web-certificates-issued-google-yahoo-skype-others-032311
Under the CA / SSL model, you trust a website because you trust the CA.
Religion is regarded by the common people as true,
by the wise as false,
and by the rulers as useful.
— Lucius Annæus Seneca.
Terrorism, the new religion.