Kyle Hamilton wrote: > I then have to click at least six > times to try to figure out what's going on, and then when I do find a > site that's protected by an unknown CA certificate (OR that I've > removed the trust bits on), I have to do the following: > > 1) Click 'add an exception' > 2) click 'get certificate' (why I should have to do this is beyond me, > since firefox obviously already has the certificate downloaded since > it told me 'sec_error_untrusted_issuer', which it couldn't have known > without the certificate in its possession ANYWAY)
Not that it changes your point any, but if you set the pref browser.ssl_override_behavior to 2 then you won't need to "get Certificate". Firefox 3.1 will have this behavior by default. If you set browser.xul.error_pages.expert_bad_cert to true then you won't have to click a link to reveal the "add exception" button, saving a click at that step, too. Firefox 3.1 won't be adopting that default though. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto