
Yes it's vital to security, but it's one of two components here that should be separated. The encryption itself is crucial to a lot of applications now that simply can't be spoofed. That wasn't really true 20 years ago. But now, just to achieve most kinds of load balancing you need a wildcard cert, and while there's obviously no reason that should cost 10x a single subdomain cert, there's also no obvious reason that the verification itself should be tied to the encryption.

Encryption is good, in and of itself, with or without verification for most security purposes. MitM attacks can happen just as easily if someone fails to notice that there's no little padlock in their URL bar. It's a separate issue, and one shouldn't have to pay a corrupt mafia for access to browsers' encryption capabilities if all you're looking for is to secure your users.




You calling it a separate issue because you think about it that way doesn't change the fact that in terms of the current security model for the web... they're very intrinsically tied together.

Do I think that RA/CA charging out the wazoo for the privilege of verified identity is right? No. That's what you need to be fighting against. You're trying to hack together some way to avoid buying a verified SSL by cutting corners. It's just not going to work.



