>It's not about simple it's about this:
>
>a) It's free
>b) It's fully automatable (ie. no manual renewal process)
I read most of it. We had an issue recently that an actual wildcard certificate that was sitting on a server was from a not-so-well-known domain registrar. It was cheap and Java did not want to recognize it. So, that would be a first concern I would have with something like that. But, the most important question would then be would this represent the end of domain registrar SSL certificate management services that they all offer? I would assume they support 2048, at least. Nice article.