The practical insecurity of self-signed SSL certificates on the web
Here is a modest suggestion from the devil's advocate: web browsers should forbid self-signed SSL certificates entirely, with no 'no, really, let me through' button, option, or extended dialog. They should do this because in practice and in general there is no way to make self-signed SSL certificates at all secure.
Self-signed certificates are insecure in general unless you really truly know what you are doing. Most users do not know what they are doing in this sense, and for sensible reasons will pretty much ignore any warnings you throw up to try to teach them and will blindly click on any button required to make things get out of their way. In the real, pragmatic world the results of this are, unfortunately, predictable and explosive.
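To make the distinction concrete, here is an added example (not code from the original post) that models the three things a client can do with a self-signed certificate, using Go's standard crypto/x509 package as a stand-in for the browser's verifier. It constructs a throwaway self-signed certificate for a hostname of my choosing and a second one with the same name standing in for a man-in-the-middle, then shows that the browser's normal chain check rejects both, that pinning the fingerprint obtained out of band accepts exactly the real one (this is what "really truly knowing what you are doing" amounts to), and that the click-through policy accepts both, because a name match on a self-signed certificate authenticates nothing. The hostname and both certificates are constructed inline; nothing is fetched from the network.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"fmt"
	"math/big"
	"time"
)

// makeSelfSigned builds a throwaway self-signed server certificate for host
// (constructed test data: the kind of certificate the post is talking about).
func makeSelfSigned(host string) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 64))
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: serial,
		Subject:      pkix.Name{CommonName: host},
		DNSNames:     []string{host},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	// The template is used as its own parent: that is what "self-signed" means.
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// isSelfSigned reports whether the certificate's own key verifies its signature.
func isSelfSigned(c *x509.Certificate) bool {
	return c.Issuer.String() == c.Subject.String() &&
		c.CheckSignature(c.SignatureAlgorithm, c.RawTBSCertificate, c.Signature) == nil
}

// fingerprint is the hex SHA-256 of the DER certificate, the value a user who
// really knows what they are doing obtains out of band and compares by hand.
func fingerprint(c *x509.Certificate) string {
	sum := sha256.Sum256(c.Raw)
	return hex.EncodeToString(sum[:])
}

// verifyAgainstPool is the browser's normal check: the certificate must chain
// to a root in the trust store. A self-signed certificate the store does not
// already contain never does.
func verifyAgainstPool(c *x509.Certificate, host string, roots *x509.CertPool) error {
	_, err := c.Verify(x509.VerifyOptions{DNSName: host, Roots: roots})
	return err
}

// acceptPinned is the one policy that makes a self-signed certificate secure:
// exactly one certificate is trusted, identified by its fingerprint.
func acceptPinned(c *x509.Certificate, pinned string) bool {
	return fingerprint(c) == pinned
}

// acceptAnything models the "no, really, let me through" button: any
// certificate carrying the right name is accepted, so it authenticates nothing.
func acceptAnything(c *x509.Certificate, host string) bool {
	return c.VerifyHostname(host) == nil
}

func main() {
	host := "fileserver.internal.example" // constructed hostname
	server, err := makeSelfSigned(host)   // the real server's certificate
	if err != nil {
		panic(err)
	}
	attacker, err := makeSelfSigned(host) // a man-in-the-middle's certificate, same name
	if err != nil {
		panic(err)
	}

	empty := x509.NewCertPool() // a trust store that has never heard of this server
	fmt.Println("self-signed:", isSelfSigned(server), isSelfSigned(attacker))
	fmt.Println("browser check, server  :", verifyAgainstPool(server, host, empty))
	fmt.Println("browser check, attacker:", verifyAgainstPool(attacker, host, empty))

	pin := fingerprint(server)
	fmt.Println("pinned, server  :", acceptPinned(server, pin))
	fmt.Println("pinned, attacker:", acceptPinned(attacker, pin))

	fmt.Println("click-through, server  :", acceptAnything(server, host))
	fmt.Println("click-through, attacker:", acceptAnything(attacker, host))
}
```

The point the output makes is that from inside the browser the real certificate and the attacker's are indistinguishable: both fail chain verification with the same "unknown authority" error, and both pass the name check that is all the click-through button leaves. Only a fingerprint the user brought with them from somewhere else separates the two, and that is exactly the step most users will never perform.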
Given my previous views on this, I don't really like this. But it seems quite hard to allow for any quiet implicit use of self-signed certificates for things like opportunistic encryption, and it's also clear that if you give the general user population something explosive, people are going to blow themselves up through accident and ignorance. Ignoring this reality is just as wrong as ignoring reality in pursuit of mathematically perfect security, and for the same reason.
(You can argue that only a few people will blow themselves up this way and that most people will read the alerts and save themselves. I think this is totally wrong.)
Note that I don't necessarily agree with this; I just think that it's a plausible argument. Even if it's plausible it may not be practical, since by now there are enough vendor-supplied things out there in the field with malformed or self-signed SSL certificates that a browser that could not accept them would be pretty crippled (certainly I could never use it).
(Making self-signed certificates work only if you turn on a secret preference doesn't work in the real world; someone writes up the secret preference, and soon the search engine hits roll in and everyone knows that to get browser X to work right and get out of your way you do this magic thing and then click through the dialog boxes just like you used to. Down that road is Firefox 3.)