You calling it a separate issue because you think about it that way doesn't change the fact that in terms of the current security model for the web... they're very intrisically tied together.
Do I think that RA/CA charging out the wazoo for the privilege of verified identity is right? No. That's what you need to be fighting against. You're trying to hack together some way to avoid buying a verified SSL by cutting corners. It's just not going to work.
Do I think that RA/CA charging out the wazoo for the privilege of verified identity is right? No. That's what you need to be fighting against. You're trying to hack together some way to avoid buying a verified SSL by cutting corners. It's just not going to work.