Bruno Wolff III wrote:
The way Firefox does it, is more to help companies sell certificates than to actually help security.
+1
All it does is it leads people to use completely unencrypted HTTP instead, to avoid the "big scary warnings". How does that provide any added security?
I like the way Konqueror handles this: it does complain about self-signed or otherwise invalid certs, but it allows you to accept them either temporarily (for the duration of the session) or permanently in 2 clicks (one to accept and one to choose whether to accept it for the session or forever).
Kevin Kofler