SSL totally in the shit!

Not only have they found a way to hack certain keys, and found a way to forge certificates, they’ve now found a way to use the registration process of one of the CA’s to issue a certificate for any site you like.
Researchers (whoever /they/ are) are now estimating around 14% of all certificates to be false.
Considering the emphasis on SSL as being secure, this is somewhat of a crisis of confidence in internet security.