To make things more clear (doing a simple SSL handshake, but explaining the loophole afterwards):
Alice and Bob want to talk about their secret shit. Alice calls Bob through a BT land line and says: hey Bob, gonna send you a message. To do that, I need your public key to encrypt my message. (Let's assume there is a spy on this land line.) So Bob tells Alice his public key to encrypt the message, so he can decrypt the message with his own private key. However, since we have a spy on the line who knows that Alice will send Bob a message that is encrypted with his public key, our spy could think: right, I will send a message in the name of Alice with the public key of Bob encrypting the message, and Bob can decrypt it with his private key. So we need some verification. To make sure Alice sent the message, she SIGNS the final message with her private key. So when Bob uses Alice's public key, he can make sure that Alice sent the message.
Now... what this article is implying is as follows: Mozilla (Jasper) says: dude! You are yelling that you want to reach Alice, but instead of yelling, I could be the one that silently tells Alice that you want to reach her. However, for Alice to know that I am not lying, I need to re-sign your “shout out” with my own ciphers. To do this I need to re-sign your original message with my own keys though. When you get in contact with Alice and all is mighty fine, you keep exchanging messages through me (Jasper). I can read your (Bob's) messages, I encrypt them for you, Alice reads it, sends messages back, but all in all I can still read all messages between you (Bob) and Alice.
So... would you rather have people hear that you as Bob want to talk to Alice and encrypt messages afterwards when you do a ‘handshake’, or move the “Hey Alice” shoutout to a middle man that will see all your messages in between afterwards?
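The exchange from the comment modelled end to end, as an added example (my code, not the commenter's or Mozilla's): RSA keys stand in for Alice, Bob and the middle man "Jasper", the spy's forged message is rejected by the signature check, the relayed path verifies fine at both ends while Jasper reads everything, and the closing fingerprint comparison is the out-of-band check that catches the substituted key. RSA-OAEP plus RSA signatures, the key size and the sample message are my assumptions, chosen for a self-contained demo, not details from the article.

```ruby
require 'openssl'

OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# A party is just an RSA keypair; public_key.to_pem is what gets handed out.
def new_key
  OpenSSL::PKey::RSA.new(2048)
end

# Alice's side of the exchange: encrypt to the recipient's public key, then sign
# the ciphertext with her own private key so the recipient can tell who sent it.
def seal(sender_key, recipient_pem, plaintext)
  ciphertext = OpenSSL::PKey::RSA.new(recipient_pem).public_encrypt(plaintext, OAEP)
  { ciphertext: ciphertext, signature: sender_key.sign('SHA256', ciphertext) }
end

# Bob's side: verify the signature against the key he believes is the sender's,
# then decrypt with his own private key. Returns nil when verification fails.
def open_sealed(recipient_key, sender_pem, env)
  sender = OpenSSL::PKey::RSA.new(sender_pem)
  return nil unless sender.verify('SHA256', env[:signature], env[:ciphertext])
  recipient_key.private_decrypt(env[:ciphertext], OAEP)
end

# The middle man: he handed each side his own key as the other party's, so he can
# decrypt, read and re-seal (re-sign) every message while both ends verify fine.
def relay(middleman_key, env, real_recipient_pem)
  plaintext = middleman_key.private_decrypt(env[:ciphertext], OAEP)
  [plaintext, seal(middleman_key, real_recipient_pem, plaintext)]
end

def run_demo
  alice, bob, jasper = new_key, new_key, new_key
  alice_pem, bob_pem, jasper_pem = [alice, bob, jasper].map { |k| k.public_key.to_pem }
  msg = 'constructed sample message' # constructed, not from any real exchange
  # Spy case: a message signed with someone else's key does not verify as Alice's.
  forgery_rejected = open_sealed(bob, alice_pem, seal(jasper, bob_pem, msg)).nil?
  # Honest path: both sides hold each other's genuine public keys.
  direct = open_sealed(bob, alice_pem, seal(alice, bob_pem, msg))
  # Relayed path: every key exchange went through Jasper, so both sides hold his key.
  seen, forwarded = relay(jasper, seal(alice, jasper_pem, msg), bob_pem)
  relayed = open_sealed(bob, jasper_pem, forwarded)
  # Defence: compare the offered "Alice" key with a fingerprint learned out of band
  # (in TLS this is the job of the certificate chain or a pinned certificate).
  pin_matches = OpenSSL::Digest::SHA256.hexdigest(alice_pem) ==
                OpenSSL::Digest::SHA256.hexdigest(jasper_pem)
  { forgery_rejected: forgery_rejected, direct: direct, seen_by_jasper: seen,
    relayed: relayed, pin_matches: pin_matches }
end
```

Run `run_demo` and note that `relayed` equals `seen_by_jasper`: Bob's signature check passed, yet Jasper read the plaintext, and only `pin_matches` being false reveals the substituted key.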