Personally, I'm glad that SPDY is providing an incentive for people to use SSL.
Also, just because SSL costs money today (it doesn't if you use startssl.com), doesn't mean it will continue to do so into the future. DANE (once the spec is finalised) will allow people to store fingerprints of their SSL certs in DNS records, signed using DNSSEC. This will remove the existing CAs from the loop.
Cool, I hadn't heard about DANE/DNSSEC. How automated will the process be?
I hope you don't have to apply/renew it manually. Buying a SSL certificate and installing it was a hassle even for me (a geek), it would have been horrible for a normal website owner.
Also, just because SSL costs money today (it doesn't if you use startssl.com), doesn't mean it will continue to do so into the future. DANE (once the spec is finalised) will allow people to store fingerprints of their SSL certs in DNS records, signed using DNSSEC. This will remove the existing CAs from the loop.