Closed Bug 1488098 Opened 6 years ago Closed 6 years ago

Symantec distrust explanation shown even for certs with bad host

Categories

(Firefox :: Security, defect)

Type: defect
Priority: Not set
Severity: normal
RESOLVED WONTFIX

People

(Reporter: simon.lindholm10, Unassigned)

Details

(Keywords: steps-wanted)

https://decompilation.info currently has a cert valid only for ejudge.ru and www.ejudge.ru, which Firefox explains when clicking the "More..." button on the cert error page. However, that cert also happens to be from Symantec, so the cert error page _also_ says, before clicking the "More..." button, that "Websites prove their identity via certificates, which are issued by certificate authorities. Most browsers will no longer trust Symantec, the certificate authority for decompilation.info." Having become used to web pages not loading due to Symantec certs, this caused me to click through to the interstitial despite the serious cert error. That explanation shouldn't be shown when there are other causes of failure than the Symantec distrust.
I can't reproduce this. Would be good if someone else could try to reproduce...
Status: NEW → UNCONFIRMED
Ever confirmed: false
Keywords: steps-wanted
I can't reproduce with the given link any more either, they seem to have switched to a Let's Encrypt cert (still bad host, though). However I can reproduce if I add an entry like "212.27.48.17 blah" to /etc/hosts and visit https://blah (where 212.27.48.17, corresponding to https://zimbra.free.fr/, is an arbitrary host which still uses Symantec certs).
Actually, just navigating to https://212.27.48.17/ is enough to reproduce the issue.
In bug 1444440 we essentially made the decision to prioritize reporting the Symantec distrust error over others (except e.g. a revocation error). I think this is still the right call, because it (hopefully) drives website admins to replace their Symantec certificates. With regard to becoming accustomed to clicking through interstitials, it's true that this event has contributed to warning fatigue, which is unfortunate. That said, the entire premise of our distrusting the old Symantec PKI is that these certificates are not trustworthy, so seeing one is fundamentally equivalent to seeing a hostname mismatch error or an unknown issuer error.
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → WONTFIX
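The closing comment describes a policy rather than code: collect every verification failure for a connection, then surface the revocation error first, the Symantec distrust second, and anything else (hostname mismatch, unknown issuer, expiry) after that. The following is an added example, not Firefox code and not part of the bug thread, that models that policy on constructed certificate records so the reporter's two scenarios can be replayed offline: the ejudge.ru certificate reached as decompilation.info, and the same kind of certificate reached by bare IP literal. The distrusted-issuer string, the certificate fields and the dates are all constructed for illustration (a real client keys distrust on root certificate hashes, not on an issuer name). The hostname matcher goes slightly beyond the thread by implementing the RFC 6125 wildcard rules (left-most label only, no match across a dot, IP literals only match iPAddress SANs), since that is what decides the "bad host" error in the first place.

```python
"""Added example (not part of the bug thread): model a TLS client that
collects every certificate failure and then picks the one to report,
using the priority described in the closing comment:
revocation, then Symantec distrust, then everything else."""
from dataclasses import dataclass
from datetime import datetime, timezone
import ipaddress

# Constructed stand-in for the distrusted legacy Symantec PKI. Real clients
# match on root certificate hashes; a bare issuer string is only a model.
DISTRUSTED_ISSUERS = {"Constructed Symantec Legacy CA"}

# Error names are constructed labels, not Firefox's internal error codes.
PRIORITY = ["revoked", "symantec-distrust", "expired", "hostname-mismatch"]


@dataclass
class CertInfo:
    dns_names: list          # dNSName SAN entries
    ip_names: list           # iPAddress SAN entries
    issuer: str
    not_after: datetime
    revoked: bool = False


def _dns_match(pattern, host):
    """RFC 6125-style match: '*' is honoured only as the entire left-most
    label, never matches across a dot, and may not cover a whole suffix."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if pattern == host:
        return True
    p_labels, h_labels = pattern.split("."), host.split(".")
    if len(p_labels) != len(h_labels) or p_labels[0] != "*":
        return False
    return len(p_labels) >= 3 and p_labels[1:] == h_labels[1:]


def host_matches(cert, host):
    """An IP literal only matches an iPAddress SAN, never a dNSName, which is
    why visiting https://212.27.48.17/ is itself a hostname mismatch."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return any(_dns_match(p, host) for p in cert.dns_names)
    return any(ipaddress.ip_address(n) == ip for n in cert.ip_names)


def collect_errors(cert, host, now):
    """Return every failure, in PRIORITY order, rather than stopping at one."""
    errors = []
    if cert.revoked:
        errors.append("revoked")
    if cert.issuer in DISTRUSTED_ISSUERS:
        errors.append("symantec-distrust")
    if now > cert.not_after:
        errors.append("expired")
    if not host_matches(cert, host):
        errors.append("hostname-mismatch")
    return errors


def primary_error(errors):
    """The single error a Firefox-style client would put on the error page."""
    for e in PRIORITY:
        if e in errors:
            return e
    return None


# Constructed record mirroring the reporter's description: SANs for
# ejudge.ru only, issued by the distrusted PKI, still within validity.
EJUDGE_CERT = CertInfo(
    dns_names=["ejudge.ru", "www.ejudge.ru"],
    ip_names=[],
    issuer="Constructed Symantec Legacy CA",
    not_after=datetime(2019, 1, 1, tzinfo=timezone.utc),
)
NOW = datetime(2018, 9, 1, tzinfo=timezone.utc)  # constructed "current" time


def report(cert, host, now=NOW):
    """Return (error shown to the user, all errors found)."""
    errs = collect_errors(cert, host, now)
    return primary_error(errs), errs


if __name__ == "__main__":
    for host in ("decompilation.info", "www.ejudge.ru", "212.27.48.17"):
        shown, found = report(EJUDGE_CERT, host)
        print(f"{host:20} shown={shown:18} all={found}")
```

Running the block prints the reporter's complaint in miniature: for decompilation.info both `symantec-distrust` and `hostname-mismatch` are found, but only the distrust is shown. Whether that is the right trade-off is exactly what the closing comment argues; the point of keeping `collect_errors` separate from `primary_error` is that the full list is still available for the "More..." panel.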