The Electronic Frontier Foundation has published more evidence of problems in the SSL signing industry. They found that certificate authorities have signed over 37,000 certificates that are not specific to any organization, they contain only a hostname. The worst offender was GoDaddy.com. The certificates could be used to impersonate some local server on your intranet by an intruder. Most of the wrongly issued EV certificates were issued by Verisign, including one they signed for themselves. The lack of verification in the way certificates are being issued may just be the beginning of the problems.”]
Source: https://nakedsecurity.sophos.com/2011/04/06/eff-uncovers-further-evidence-of-ssl-ca-bad-behavior/