Earlier this year, Google announced a plan to stop trusting existing Symantec SSL certificates, which are used to authenticate and encrypt data, due to concerns about the way these have been issued.
Google expects root certificate authorities to validate domain ownership before issuing certificates and to secure their operations and infrastructure against signs of improper issuances as well as auditing logs to review issuance activity. They stated Symantec did not meet these standards and allowed outside access to their certificate infrastructure without proper oversight. Further, Google stated Symantec failed to disclose this information in a timely manner and it did not take this issue as seriously as they should have.
Appropriate browser security represents a significant challenge to which browser manufacturers, system administrators and users all have a different approach. System administrators want users exposed to minimal risk (and troubleshooting difficulties) and it’s safe to say users want to be able to do their jobs with minimum of prompts and dialogue boxes.