I don't mean they should present the message to all users. Currently, even if you go into the certificate details without being prompted, there is nothing there saying anything to the effect of "SHA-1 is insecure; if you are the webmaster, get this certificate issued with SHA-2"
