I posted earlier in the year (or was it last year?) about Firefox's ridiculously serious certificate warning message. Researches have recently found that most users completely ignore all of these messages in any case, as they don't understand what they mean. Which is exactly my point... the whole approach needs to be re-evaluated. Making users feel that a secure site might be dangerous and a non-secure site is safe is completely a wrong approach.