I wouldn't do anything, but I also wouldn't do a security driven marketing campaign. If someone thinks their root cert is safe it doesn't mean there isn't some other way to get access to user credentials that could allow compromise through some other avenue.
edit since I can't reply down level further: Yes I would be very careful about security related marketing and really consider if its necessary at all.
>it doesn't mean there isn't some other way to get access to user credentials
You can always be hacked in some other way, so I guess we should never write anything about security ever?
>edit since I can't reply down level further: Yes I would be very careful about security related marketing and really consider if its necessary at all.
Interestingly, the security people at Google, Cloudfare, Microsoft, and just about every other major tech company (and security company, certificate authority, etc.) agree that openly talking about security best practices is.. well.. A best practice. And that keeping security practices secret (obscure, you could say) benefits no one.
Not sure why you have to shoe-horn marketing in every comment, literally anything a company posts is arguably considered marketing, what's your point?
edit since I can't reply down level further: Yes I would be very careful about security related marketing and really consider if its necessary at all.