I mean, years ago, we used self signed SSL for our own use, and offered nonSSL login for nonadmin users. It worked well, because we didn't require any criticial info... If we used such self-signed certificate, in today's browser we wouldn't be able to login... I know this all depends on difficulty of factorizing big numbers into its prime factors, but there must be some details in practice, and devil might be in those details. There might be totally trustable services, but it is imossible to know which ones are so, and if you use your own cert, then the browser prevents access, this is what makes me angry. I mean you can probably protect yourself against everyone, except bigbro, but this may not be enough.