Trailrunner7 (1100399) writes "In an effort to help mitigate man-in-the-middle attacks that make normal HTTP connections look like secured HTTPS sessions, Mozilla is adding support in Firefox 4 for a new technology called HTTP Strict Transport Security that enables site operators to tell browsers to always request an HTTPS session on future visits.
The technology, which is also known as ForceTLS, is currently an IETF draft specification and Mozilla officials say it should give users more confidence in HTTPS connections over time. Right now, the existence of HTTPS in front of a URL in a browser's address bar is nothing close to a guarantee that the connection is actually a secure one. There are myriad man-in-the-middle attack scenarios that introduce a high level of uncertainty for SSL connections."
Link to Original Source