A patch was recently checked into the Mozilla codebase that marks bug 327181 “Improve error reporting for invalid-certificate errors” as Resolved Fixed. This bug significantly changes the way Mozilla will handle invalid certificates and as a result will hopefully make RMD redundant so earlier today I played around with a nightly build of Firefox 3.0 alpha (Minefield). My impression? I think the changes, while still rough around the edges, do a pretty good job of appeasing the various sides in the bad certificate handling saga.
The first thing you’ll notice when browsing to a website that presents an invalid security certificate is that the familiar mismatched domain error dialog is no more. Instead an in page Secure Connection Failed error is presented. Note that there is no way to temporarily accept the mismatch and visit the website:
Before websites that present invalid certificates can be visited the certificate must first be added to the new security exceptions list. The dialog for this list is intentionally buried in the Preferences / Options dialog:
Edit > Preferences > Advanced > Encryption > View Certificates > Servers -> Add Exception…
For current users of RMD I think it would be helpful to get your impressions of the changes and so I put together a little screencast of the new functionality in action. I encourage you to take a look and provide Mozilla with your feedback. Even better would be to download a recent build of Minefield and try it out for yourself.