On 8/20/10, Aryeh Gregor <Simetrical+wikilist(a)gmail.com> wrote:
They can do things like intercept any connections to
the site,
providing a forged certificate for HTTPS via a CA they control, and
steal passwords or cookies.
See this:
https://bugzilla.mozilla.org/show_bug.cgi?id=542689