I'm working on a simple extension for Firefox that would notify the user when an SSL/TLS site's certificate changes. This way an informed user could decide if the certificate change was valid / expected and opt out of an ssl session in questionable circumstances. Is there any interest in such an extension? My friend ask me whether there was a way to do it so I'm working on proof of concept code, I will release it as open source if anyone cares.

Update:

Working proof of concept code released. See XPI attachment below. Note: this is tested in Firefox 3.0 beta 2 and it uses mozStorage (sqlite) to keep track of the url/certificate mappings. This isn't really usable, it's simply a proof of concept with no useful user interface. It will pop up an alert when you visit a site that has changed it's certificate since your last visit.

Update #2:

An updated version of this extension is now available on addons.mozilla.org (it's in the sandbox until it's been reviewed.) You have to log in before you can view the sandbox: Addon #6415