[tedunangst]

Obviously they get another cert, but only serve it to chrome users via SSL handshake fingerprinting, and serve the Symantec cert to everybody else...

[wtetzner]

I can't tell if you're joking.

Just in case you're not, if they went through all the trouble to get another cert for Chrome, why wouldn't they just use it for everyone?

[agwa]

I suspect it was a joke, but you raise a very important question. Unfortunately, some clients (likely embedded devices) trust only Symantec roots, since that's the CA the website was using at the time the developer slapped together their code.