The government sending out SMSes to tell users to install the certificate don't (until the certificate is installed) know what browser the user is using.
So, in addition to blacklisting the certificate, have it pop up a big, horrible message "Your government wants to use this to spy on you. It does not actually increase your security." complete with refutations for all counter-arguments. In this dialog, it might not hurt to also check the Windows certificate store and offer to remove it if the user would so desire. If only 10% of the populace hears what's going on directly, that gets the word out a whole lot better than 0%. People talk. It might be enough to get them to stop. *Because* they don't *yet* know which browser. Nobody wants to be sending out "Hey, install this so you can immediately be told about my corruption!" to their entire populace. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy