Frank Hecker writes, “Johnathan Nightingale recently addressed a very common question, namely why Firefox doesn’t automatically accept self-signed SSL certificates as being valid. I don’t have much to add to Johnathan’s discussion of the issues with self-signed certificates, but speaking on behalf of the Mozilla Foundation I do want to address some of the comments that I’ve seen people make with regard to SSL certificates, certification authorities (CAs), and Mozilla.” Frank’s blog post addresses some of the most common misconceptions related to Mozilla and CAs, debunking some of the more commonly repeated myths that come up in discussions on the topic.