Well, then users will just get accustomed to seeing this indication on corporate sites and will ignore it.
Regards, Mucius. On Friday, July 19, 2019 at 3:26:43 AM UTC+3, wolfgan...@gmail.com wrote: > I am not a Mozilla developer, nor have I ever been, but I am a user of what I > consider to still be the free Internet. > > I have been in scenarios with silent MITM attacks, primarily corporate > environments as has been mentioned on this thread, and I would _greatly_ > appreciate visual indication that my communications are using certificates > that > chain up to either a non-standard CA, or are not expected for any other > reason. > > I believe this will lead to the best experience for an end user: don't black > out my Internet, but do leave me with full information so that I can make an > informed decision either way. > > Even on corporate hardware I would like at least a notification that this is > happening. > > -- > Wolf _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
