Chrome ships with a list of CAs allowed to issue Google certificates. If Chrome encounters a Google certificate signed by some other root authority, it phones home.

http://blog.chromium.org/2011/06/new-chromium-security-featu...