Association for Computing Machinery
When browsers report TLS errors, they cannot distinguish between attacks and harmless server misconfigurations; hence they leave it to the user to decide whether continuing is safe. However, actual attacks remain rare. As a result, users quickly become used to "false positives" that deplete their attention span, making it unlikely that they will apply sufficient scrutiny when a real attack comes along. Consequently, browser vendors should aim to minimize the number of low-risk warnings they report.