(Hidden by Administrator)
Bug 1134506 Comment 39 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
(In reply to Dana Keeler [:keeler] (use needinfo?) from comment #38)
> (In reply to Zack Weinberg (:zwol) from comment #36)
> > The private key has been published, which means exploits _will_ start to
> > circulate. These exploits could potentially affect (at least) anyone who
> > clicks through sec_error_untrusted_issuer. There are no sites legitimately
> > signed with this certificate, so blacklisting it has no compat downside.
>
> Unfortunately it will always be possible to generate a certificate that will
> result in sec_error_untrusted_issuer for non-pinned sites. Blacklisting this
> certificate will not prevent those attacks. The compatibility downside of
> doing so is that if a user's traffic is being proxied through Superfish,
> blocking the certificate would prevent them from visiting any https site. It
> would then be difficult for the user to figure out what's wrong and how to
> fix it.

I think this is hitting the news right?