Message 10 of 90
Bad idea
*The browser could be set to display a certain icon or color change in the bar, which tells the user that traffic is encrypted, although there is no trust of the remote site.

Because what is the point of encrypting traffic to a man-in-the-middle attacker? You think what you are doing is secure, when it isn't. Your approach plugs one hole while leaving a bigger hole wide open. Firefox's approach ensures you are aware of the compromised security, and discourages shoddy security practices.

And creating an automated CA that rubber stamps all certs and is "trusted" is a REALLY bad idea. God knows there are some bad CAs out there that are trusted, let's not encourage the behavior.
Posted by Paul.Witting@...
27th Aug 2008