On the Noisebridge hacker mailing list, security specialist Jacob Appelbaum has published an SSL certificate and pertinent private key that together allow web servers to avoid triggering an alert in vulnerable browsers - irrespective of the domain for which the certificate is submitted. Phishers, for example, could use the certificate to disguise their servers as legitimate banking servers – which would only be detectable by subjecting the certificate to closer scrutiny.