Perhaps we should have another dialog explaining to the user in plain english but with more detail what they are really doing by disabling this option, with a second confirmation dialog. It should stay enabled.
While your at it explain to them in plain english what self signed certificates are... "The server you are connected to is self signed, this might not be desirable for financial transactions, in any case you connection WILL be secure from people trying to listen to the data sent to the server."
Well something to that effect :) and if it's a non-default CA perhaps something similar, but point out the URL to visit the signing CAs website for more information.
-- Best regards, Duane
http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://happysnapper.com.au - Sell your photos over the net! _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
