ZDNet took a look at Google and their black listing all digital certificates issued by the organization that manages the .cn extension. The article goes on to discuss what steps Firefox may take with regards to CNNIC.
From the article:
A recent alarm over a mis-issued digital certificate for several Google domains has resulted in Google blacklisting China’s main certificate authority.
Google is blacklisting all digital certificates from the China Internet Network Information Center (CNNIC), the organisation that manages the .cn domain and a widely trusted root certificate authority.
Google, Mozilla, and Microsoft last week responded to a mis-issued digital certificate from an Egyptian company called MCS Holdings, which could have allowed an attacker to impersonate a Google site and intercept traffic to and from it.
While the error was MCS Holdings’, Google blamed CNNIC for delegating “substantial authority to an organization that was not fit to hold it”.CNNIC had issued an intermediate certificate to MCS on the understanding that the Egyptian company would only use the certificates for its own domains. However, the company used the certificates for *. google.com, *.google.com.eg, *.g.doubleclick.net, *.gstatic.com, www.google.com, www.gmail.com, and *.googleapis.com.