Comment 6 for bug 1489643

@jdstrand: I may have not explained this ideally. Yes, EV certs will protect us if your router is trying to lie to you about where paypal.com is, but they don't help at all if my app shows something which looks like the trust-store dialog but actually isn't. Users will then type their Ubuntu One password into it, which we don't want them to do, but there's no way of telling whether something that looks like a secure OS-presented dialog actually *is* that secure OS-presented dialog.