
There are extensions to warn you about certificate changes even if the new one is signed by a CA, so that's a terrible reason.


Ah, yes, Certificate Patrol[0]. However, your argument, I think, is not valid. Sure, it's technically possible for him to know if any cert changes, but in reality very few people are going to install the extension, and those that do might not even notice the message because it notifies the user so frequently (fully desensitizing them, I imagine).

I don't think that his choice not to install an extension invalidates his argument.

[0]: https://addons.mozilla.org/en-us/firefox/addon/certificate-p...


very few people are going to install the extension

My argument is that pinning certs is a bad reason for removing the root certs from the browser, since you can pin them without breaking the CA chains.

I'm not sure how that works as a counter-argument; we're discussing a decision of a particular person, not some broad policy. How is the number of people who install the extension relevant?

those that do might not even notice the message because it notifies the user so frequently (fully desensitizing them I imagine)

So does the browser, if you remove the root CA certs.



