Your browser trusts many certification authorities and sub-authorities quietly, every time you enter an HTTPS website. This add-on for advanced users reveals when certificates are updated, so you can ensure it was a legitimate change.
a spreadsheet with a list of 531 entries on the currently known bad DigiNotar related certificates.
Testing TLS/SSL encryption
the random number generator in Debian's openssl package is predictable