[Sohcahtoa82]

> The encryption was however used correctly, but the users were ignorant and continued using the service even after the certificate suddenly changed.

When designing anything that's going to be used by the general public on the Internet, you have to keep in mind that's the entire public, including grandma and grandpa that don't even realize that their Facebook app is not Google and post their search queries as status updates.

For fuck's sake, we can't even get professional office workers to not fall for painfully obvious phishing campaigns, and now you want to try to teach them how to recognize a bad SSL certificate?

You're not living in reality.

[smoppi]

I am living in reality. I don't want to limit the user's freedom. Sometimes people have to learn the hard way, but the other option (giving away your freedoms) is always worse.

[ryan-c]

> Sometimes people have to learn the hard way

This isn't reasonable or ethical - and it's telling you didn't respond to my other comment replying to you.

If someone experiences harm due to use of unencrypted HTTP because they didn't understand the implications of it, they're not going to be able to make a causal association. Without the causal association, there is no opportunity to learn.

The way to "preserve freedoms" in these sorts of situations is to require a "warranty voiding" action.