I fear SSL isn't going to see wide adoption by normal people until two things are done:
* It's easier to set up. Having personally been through the situation in the article a time or two in my life, it sucks, and there's no reason for it to suck.
* The prices stop being extortionate. 10x price differential for a literal 1 bit change in the final product to make a wildcard cert? Fuck you! Everyone mentions StartSSL. Sure, the basic certificate is free.. if you don't miskey your domain name.. or you don't select the wrong options.. or OpenSSL doesn't get owned, in which case you get to pay $15 for the privilege of their server spending a few milliseconds of CPU time to spit a few kilobytes of data back at you that represents the thing you already had.
PKI as it exists today is a fucking scam. It's a scam because it's overpriced, it's a scam because it's exploitative, and it's a scam because it's incredibly easy to do things that render the whole exercise pointless.
* It's easier to set up. Having personally been through the situation in the article a time or two in my life, it sucks, and there's no reason for it to suck.
* The prices stop being extortionate. 10x price differential for a literal 1 bit change in the final product to make a wildcard cert? Fuck you! Everyone mentions StartSSL. Sure, the basic certificate is free.. if you don't miskey your domain name.. or you don't select the wrong options.. or OpenSSL doesn't get owned, in which case you get to pay $15 for the privilege of their server spending a few milliseconds of CPU time to spit a few kilobytes of data back at you that represents the thing you already had.
PKI as it exists today is a fucking scam. It's a scam because it's overpriced, it's a scam because it's exploitative, and it's a scam because it's incredibly easy to do things that render the whole exercise pointless.