And while I know cPanel/WHM doesn't really belong in the same discussion as "encryption possibly resilient against state level attackers"… I note with interest that the latest cPanel update (11.38) includes SNI support. That's "switched on" an _huge_ userbase of webhosting that can now grab a cheap/free SSL cert without needing dedicated ip addresses, and who can then tell users "you'll need to upgrade your browser to use our secure site - have you tried downloading Chrome?" ;-)
