Dude if somebody wants to create a man in the middle attack to see my Comcast contract, that's cool. Hell, just email me and I'll send you a copy. I think context matters. I don't think most people would ignore a cert warning if they were about to do something they deemed private.
I doubt it. Steve Gibson once related how he sold many copies of his software on his website, even when the website accidentally had an invalid certificate. His software is geared towards a tech-savvy audience. If tech-savvy people don't behave securely, why should we expect most people to?