The rogue google.com certificate from Diginotar had code-signing capability in it.

The rogue google.com certificate from Diginotar had code-signing capability in it.