Comment 73 for bug 376484

Further in reply to comment 67: You make reasonable points (though not new ones) but a fixed bug is not the place to argue policy. For now we have decided that compliance with the RFC--or rather, consistent behavior amongst browsers--is safer for users if occasionally inconvenient for administrators.

If you want to argue for different behavior then the mailing list/newsgroup mozilla.dev.tech.crypto is the right place (or maybe the new mozilla.dev.security.policy?)