You're preaching to the choir...I agree there should be support, but don't go all talking about changing defaults without at least some thought involved.
What about self-signed certs in my closed network? What about guests on a network behind a web proxy that MITMs 80/443? What if you're brokering a connection, not for some strict security sake, but just because you can and gain a little bit of privacy? Have any personal web sites/servers you don't *need* commercial certs for but want something anyway? In an ideal world, I hear what you're saying. But we're far from ideal... I think we should be happy with the inclusion of such options in 3.2....
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/