Comment How about the extra traffic? (Score 1) 194
Assuming that the add-on becomes a very popular item, and that many people begin using it... how long before we see the following:
1) Poisoned Notaries - hackers setting up their own notaries and somehow inserting them into the system?
2) ISPs getting annoyed with the extra traffic and throttling back? Or ISP-level security appliances becoming suspicious that one GET begets many more connections? (Granted, I think this would have to be a very very well liked add-on, with huge user numbers and very large amounts of certificate checking.)
3) "Transparent" MitM attacks... The man in the middle being transparent to the flow of the certificate, but intercepting other portions of the document? (IANAC, so I have no idea how difficult or complex that may be to implement; I imagine a bit more than normal, as it's not the current topic.)