current patches to Mozilla products will blacklist all DigiNotar-issued
certificates based on "CN=DigiNotar " in the certificate issuer. Users
will be able to add a certificate override for DigiNotar-issued
certificates that have a notBefore date prior to July 1, 2011. Users
will not be able to add a certificate override for any DigiNotar-issued
certificates with a notBefore date after July 1, 2011, which would
include the *.google.com certificate. "