The problem with Mozilla's policy is that their UI is horrendous and gives off the wrong impression. It throws a bunch of information that will look like technobabble at the user without a clear definition of what any of it actually means.
"Until you sit down with my grandma for 2 hours painfully explaining how to use some feature in Microsoft Word, you don’t get to preach to the world about how Mozilla trying to keep my grandma safe is somehow against the freedom of the web."
Shame. He seems to be the only person in existence with technological illiterate relatives. Right?!?! Wait. No. I'd be willing to bet that everyone in here has had a similar experience of having to explain how to do something that we consider simple to someone else.
Technical people understand technical things because they know about other technical things to relate things to. Non-technical people don't understand things as well because its harder to relate things to them. Try explaining things in a way they (the person you're explaining something to) understands. Maybe it wont take you two hours next time.
If I had to explain SSL certificates to my grandmother (who travels a lot), I would compare them to airline tickets. First class is a SSL Certificate from Verisign (or some other company). It's the best you can buy (trust + encryption), but it's the most expensive as well. Coach seats would be the certificate created by a non-profit. It's not a first class ticket, but you're still on the plane (you still have encryption). Not having a certificate would be missing the flight after buying a non-refundable ticket. You wasted your money (no trust/encryption, its likely someone's trying to scam you).
I guess you haven't read any of the other discussions on this topic.
If you don't have the identity verification, the encryption is worthless.
If my grandma went to a site with a self-signed certificate - you're damn right I'd want an error message stopping her, as there's no guarantee she isn't giving away the last of her pension money to a scammer somewhere.
To use your ticket analogy: a self-signed certificate would be a ticket in coach. You have no idea what plane you're getting on, or where the plane is going. I wouldn't put my grandma on a plane where I didn't know she was going. You would? :)
Okay, more like $23/month. Still, if a non profit can't afford that for a website, why does it need that much website? Why not a static page parked somewhere for free?
//edit: Did a quick mockup for what i think would be a better SSL error page, http://tinyurl.com/6qn24p (compared to the current SSL error page, http://tinyurl.com/6j6ymx )
"Until you sit down with my grandma for 2 hours painfully explaining how to use some feature in Microsoft Word, you don’t get to preach to the world about how Mozilla trying to keep my grandma safe is somehow against the freedom of the web."
Shame. He seems to be the only person in existence with technological illiterate relatives. Right?!?! Wait. No. I'd be willing to bet that everyone in here has had a similar experience of having to explain how to do something that we consider simple to someone else.
Technical people understand technical things because they know about other technical things to relate things to. Non-technical people don't understand things as well because its harder to relate things to them. Try explaining things in a way they (the person you're explaining something to) understands. Maybe it wont take you two hours next time.
If I had to explain SSL certificates to my grandmother (who travels a lot), I would compare them to airline tickets. First class is a SSL Certificate from Verisign (or some other company). It's the best you can buy (trust + encryption), but it's the most expensive as well. Coach seats would be the certificate created by a non-profit. It's not a first class ticket, but you're still on the plane (you still have encryption). Not having a certificate would be missing the flight after buying a non-refundable ticket. You wasted your money (no trust/encryption, its likely someone's trying to scam you).