17th November 2011
J65nko
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,131
Certificate fraud: Protection against future "DigiNotars"

From http://h-online.com/-1380288

Quote:
To better protect content providers against the distribution of bogus certificates, an HTTP header extension containing a fingerprint of their certificates has been proposed. This approach, which has been partly tested in Chrome, was presented by Ian Fette, Google Senior Product Manager, at a meeting of the Internet Engineering Task Force (IETF) in Taipei. Chrome users were able to detect the bogus DigiNotar certificates because Chrome had embedded the hashes of valid Google certificates.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump