Why does Firefox 3 make it so hard to use a self-signed certificates?

It was pointed out to me, rightfully so, that this tends to affect the free software community more than others because it’s easier for technical people to set up a self-signed certs. True, but we did it for a good reason.

Johnathan has a post up that talks about SSL in Firefox 3, a post that I hope will put some of those questions to rest. He talks about why we did it, what the change was and how it’s actually an improvement and brings better security to the web. It’s worth a read.