Security researchers have found serious flaws in software that uses the SSL (Secure Sockets Layer) encryption protocol. The problems lie in the way that many browsers have implemented SSL, and in the X.509 system that is used to manage certificates for SSL is out-of-date. A researcher shows a way of intercepting SSL traffic using what he calls a null-termination certificate. The problem is widespread, affecting Internet Explorer, VPN (virtual private network) software, e-mail clients and instant messaging software.”]