Mozilla: Man-in-the-Middle Interfering with Increased Security

Mozilla hasrun into a hitch with its plans to deprecate SHA-1 certificates."However, for Firefox users who are behind certain'man-in-the-middle' devices (including some security scanners and antivirusproducts), this change removed their ability to access HTTPS web sites.When a user tries to connect to an HTTPS site, the man-in-the-middle devicesends Firefox a new SHA-1 certificate instead of the server's realcertificate. Since Firefox rejects new SHA-1 certificates, it can'tconnect to the server." An update backing out the SHA-1 deprecationhas been posted, but affected users will have to install it manually(assuming they don't use a distribution-supported version, of course).