IE7 and www.us.army.mil

Due to a some over enthusiastic checkbox checking by a SMS admin who was rolling out patches through ITMU, IE7 was deployed to our users this week. We have had a package for IE7 created with the IEAK that had been deployed to test groups, but it wasn’t yet the scheduled time for deployment. Because this went out early we didn’t have a chance to educate users about differences in IE7 which lead to a rather amusing complaint.
It seems if you go to http://www.us.army.mil it redirects you to a SSL version of the page. The site is using a DoD issued certificate which of course is not in the trusted root. As a result the user gets the new dire warning about the certificate and calls the help desk. As with most louts, this one was stridently anti-Microsoft, proclaiming if the Army security isn’t good enough for Bill Gates, I don’t know what would be. Rather than pointing out the many hacks of Army computers, we let him know that he saw a similar message when using IE6 and would see a similar message even if he used Firefox. This has nothing to do with Bill Gates not trusting the Army. It has everything to do with the Army not rooting to a commonly trusted CA. Its working exactly the way it should be. If he has reason to trust that certificate and trust its issuer he can certainly choose to trust it and not see that message again.
I imagine shortly the users will ignore the IE7 dire warning the way they blindly choose yes when prompted in the past.