Our Security prefs currently include a list of check-boxes with two different labels. * The first box has a label "Show a warning when:" * The second box (and implied for the 3rd) is labelled "Ask permission when:" The latter label is misleading, because the sheet that is displayed is merely a warning and there is no "cancel" button (e.g., the user can't refuse, only be notified). So the label should be removed and let the first label stand for the entire stack. N.B. I don't actually know of a sample site using low-grade encryption (and so far haven't found one in search attempts), so I can't be certain that sheet is the same as the "mixed content" one, but the "mixed content" sheet (like the "moving from secure to insecure" sheet) certainly does not provide a way to cancel a connection to a site.

I've never seen a low-grade encryption warning either, and I've had the pref on for as long as I've used Camino. Is it possible that this is outdated enough that we could just roll it into "mixed encrypted & unencrypted" (or get rid of it entirely and set it to yes by default)?

The weak ciphers have been turned off on 1.8 and trunk (bug 236933), so we can wack that pref.

The fix for this is in bug 324306