SSL is worthless. The Feds (and the Fed) have backdoors in most modern SSL software that allows them access to it, and I am certain that some hackers out there probably have access to it as well.
Never, ever type your Social Security number, Credit/Debit card information, or real name into any website - only use them all at the DMV and retail stores.
This is total bullshit.
That being said, there is no need for a backdoor anyway, when the Fed can just get issued a VALID cert for any domain.
Look through the CA lists that come as fully trusted with every browser download and tell me if you really trust everyone in there. At least with a self-signed certificate there is no way for someone to pose as your website.
Like it has already been said numerous times in this thread, the browser warning for a self-signed certificate really needs to change. A big red warning that takes several clicks to get past should only be displayed if a PREVIOUSLY ACCEPTED certificate changes. There is a
Firefox extension that sort of does that already.