A PDF article covering:

Introduction

• SSL certificate authorities have been thoroughly broken in the last year or two
• EV-SSL is often seen as a stronger assurance of site security
• If SSL is broken, can we trust EV-SSL?
• No! A rogue non-EV certificate can be used to do MITM attacks against EV sites

Organization

• State of the SSL PKI
• EV to the rescue
• Breaking EV certificates
  • mixed content attacks
  • same origin attacks
  • SSL rebinding
  • cache poisoning
• Fixing this mess