Kaminsky has been publishing some useful analysis of the recent RSA research.
The “weak RSA moduli” bug is almost (and possibly) exclusively found within certificates that were already insecure (i.e. expired, or not signed by a valid CA).
This attack almost certainly affects not a single production website.
The flaw has nothing to do with RSA or “multi-secret” systems.
IT’S NOT ABOUT RON AND WHIT