Comment Solution. (Score 1) 897
The main argument of TFA is that FF3's warning about self signed certs is egregious.
There is not an issue about warning users; users need to be warned.
What is needed is individual warnings in a drop-down bar for individual problems with certificate issues:
*(picture of green 1's and 0's alongside a red face with a line through it) This certificate is self signed; It may not be trustworthy for identification purposes, you should only trust it for data encryption purposes.
*(picture of a green face alongside a red clock with a line through it) This certificate is out of date; it expired YYYY MM DD HH MM SS ago.
*Trusted case: (picture of a green face) This certificate identifies XYZ.com as trusted by CERTCORP.com. Your data is encrypted.
There is not an issue about warning users; users need to be warned.
What is needed is individual warnings in a drop-down bar for individual problems with certificate issues:
*(picture of green 1's and 0's alongside a red face with a line through it) This certificate is self signed; It may not be trustworthy for identification purposes, you should only trust it for data encryption purposes.
*(picture of a green face alongside a red clock with a line through it) This certificate is out of date; it expired YYYY MM DD HH MM SS ago.
*Trusted case: (picture of a green face) This certificate identifies XYZ.com as trusted by CERTCORP.com. Your data is encrypted.