Incidentally note that IIRC I did not suggest that an https connection with an unknown CA have the exact same UI as an http connection; I think an informational error message (not a modal dialog) is appropriate in this case, since the result is unexpected behavior (i.e., if the user entered an https URL then they were presumably expecting to see the lock).
Good point; I hadn't thought of that. Perhaps we want an (i) icon in place of the lock which, when clicked, explains.
Gerv _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
