Based on https://blog.mozilla.com/security/2011/08/29/fraudulent-google-com-certificate.
We need to remove the DigiNator CA from anything in RHEL which ships it.
DigiNotar / VASCO incident report:
Created ca-certificates tracking bugs for this issue
Affects: fedora-all [bug 734679]
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2011:1248 https://rhn.redhat.com/errata/RHSA-2011-1248.html
A follow up after the audit was completed: