The cryptographic underpinnings of the Internet, as presently constituted, are messy, chaotic and rather randomly constructed. The infrastructure is not only ripe for a variety of attacks, but is not easily fixable, experts said Friday. The problems extend from the way that CAs issue certificates to how certificates are handled by the major browsers to how attackers are able to take advantage of the weaknesses throughout the system. The CAs all issue certificates that have essentially the same value, regardless of how or if they check up on the sites applying for the certificates.
Source: https://threatpost.com/ca-and-browser-trust-models-need-overhaul-experts-say-102210/74601/