Indeed. You can still add it to the certificate store in Firefox 3,
but it's a few more clicks and harder to dismiss. The intent of this
is to make people actually think about that stuff before they just
accept it, and thereby hopefully prevent Man-in-the-Middle type
attacks, especially for high-security sites like banks.
As I mentioned, CAcert certificates are free and anyone with a
Certificate of Incorporation for the organization (CPAN) can get an
Organizational Certificate, among other great things. But the problem
is that you have to manually add the CAcert Root certificates. This is
trivial and supported in many browsers, but it would require an FAQ
entry to teach people how to add it.

They are working toward getting the root certificates (at least the
Class 3, higher-trusted type) into Firefox and other browsers. Last I
heard, the Firefox team is still reviewing it. But it does come
default in the "ca-certificates" package on Debian now.

In short - I think using a CAcert certificate would be significantly
better than the current system, and I would encourage them to do so.
The person that runs CPAN - though I once sent him an email and never
received a response:

Yours Eclectically, The Self-Appointed Master Librarian (OOK!) of the CPAN
Jarkko Hietaniemi ***@perl.org [Disclaimer]

Also it was mentioned, also from the CPAN home page, the master site
is hosted by FUNET:
http://www.csc.fi/english/institutions/funet_en/index_html

But the certificate itself is signed by Best Practical Solutions, so I
imagine they are the ones running the Request Tracker (being the ones
that wrote the software and provide support for it to enterprise
users). Their web site is http://bestpractical.com/ - if someone would
take the initiative to contact them about it, they may be able to find
a solution.