(In reply to twolaw from comment #51)
browser already intervene in commercial affairs by blocking websites trackers, because its catchword is to behave for citizen privacy.
different semantics - trackers are ingress whilst MitM is mostly egress (& only then ingress). Morever, trackers are entities with a defined pattern to which the entire internet community is exposable whilst governemtns with their decisions/laws are less so and their domestic affairs impacting only their population mostly.
The whole purpose of the entity is here clearly identified as against the major Mozilla mantra: privacy. It can be the criteria.
Not sure whether Privacy in the Moz culture includes protection from governmental eavesdropping, which likely cannot be even escaped at all - at least not without additional measures than the vanilla browser installation and the necessary configuration of the remote server node.
Blocking the certificate entirely may have some repercussions such as potential loss of access to governemental online services.
(In reply to cfi9pnik from comment #50)
The browser should not be neutral between privacy and eavesdropping, between authenticity and identity theft, between the truth and lies, between good and evil. It should support good. This was the point of firefox's existence from the very beginning. Otherwise why would people need it, if there is already Mi©®o$oft Inte®net Explo®e® on window$™? And if being good means becoming political, let it become political.
That is a lot to ask of a browser, bascially being a moral authority for all that. It would require its developers being beyond reproach and maybe then still not meeting every user's own perpective/perception of the world.
After all, if someone with full understanding of the consequences wants to surrender to eavesdropping and identity theft, maybe he should have the option to do so with the default build of the browser, I don't think the general common morale gives a solid answer here. But even then, the browser should not be neutral between the truth and lies, it should support the truth. In this particular case this means that the browser should make it absolutely sure that the user understands the consequences of his decision to proceed with the connection signed by this certificate, for example, by making the user type (type by himself, not just click "ok" somewhere, dangerous actions require strong confirmation) something like "I understand that if I proceed with this connection, Putin will know all data I transfer, including my credit card details and my username and password for internet banking. Moreover, he will be able to impersonate me in all activities I participate in using this connection, including taking loans under my name."
An explicit warning is a different approach than the blocking of the certificate as being requested.