Major browser makers are beginning to revisit how they handle Web authentication after last month's breach that allowed a hacker to impersonate sites including Google.com, Yahoo.com, and Skype.com.
The efforts are designed to remedy flaws in the odd way Web security is currently handled. Currently, everyone from the Tunisian government to a wireless carrier in the United Arab Emirates that implanted spyware on customers' BlackBerry devices and scores of German colleges are trusted to issue digital certificates for the largest and most popular sites on the Internet.

Microsoft's manager for trustworthy computing, Bruce Cowper, told CNET that the company is "investigating mechanisms to help better secure" certificate authorities, which issue trusted digital certificates used to encrypt Web browsing, against this type of attack.

The link for this article located at CNET is no longer available.