Prevent TLS state from accumulating in Tor Browser
We've been accumulating a few TLS issues with Torbutton (#2482 (moved)). In particular, we need to figure out how to handle user-stored certificates, the intermediate cert store, and STS. Perhaps we just want to block all of these by default for TorBrowser? Perhaps we want an extra confirmation dialog?
STS and the intermediate cert store should definitely be cleared by the New Identity button, though (#523 (closed)). We currently lack direct Firefox APIs for either of these. https://bugzilla.mozilla.org/show_bug.cgi?id=435159 might help with the latter.