Some security software inspects SSL traffic - they do this by installing their own certificate and acting as an intercepting proxy (basically, a legitimate MiTM). eg, ESET was doing this and causing bug 785893. This is a little worrying because it trips our certificate checks for addon update checks (including hotfix updates), causing addon updates to fail - which will include security fixes. I'm wondering if we can detect the (legitimate) common cases of this, and warn the user. Or just accept the certificate, assuming we are *sure* its ok to do so.
Currently app update checks are even more strict and will get blocked in the same way by this. The security team want this for add-on update checks too (bug 643461) and we already have it implemented for the hotfix add-on. I'm not sure that working around it is a good idea, but warning seems reasonable. I imagine if you're getting the same CA for multiple websites then that is a bad sign, perhaps.
see also bug 774395
You need to log in before you can comment on or make changes to this bug.