for answering my questions on SSL and bugzilla. I was unaware of the cookie protection scheme - thanks for pointing it out. I do very well understand your point on making confidential security bugs. Making mozilla more secure by not letting everybody read security bugs is a good thing.
The compagny I work for is a bank. I understand why they restrict the use of SSL, the reason is quite simple : with SSL enabled only for certain sites, security is increased. Nowdays most compagnies close all ports except http and https, so people tunnel everything thru those two ports. Hence If I use a tunnel to export data from the bank they'll be able to know what is exported. With SSL enabled, they can't.
I think I'll live without bugzilla access.