Comment 6 for bug 996697

It's not wrong, it's the only sensible solution. If you can't be sure of the certificate status then you shouldn't connect *at all*. I know that means not accessing some sites anymore, but better safe than sorry. Until there's a real support for certificates handling, it should be kept that way.