by bluesmoon 3933 days ago
Quick question, apart from having a prettier website, what's the differentiator with StartSSL which is also free, automated, and open?
4 comments

Certificate revocation for free (which is a big deal!), commercial use for free, multiple hosts for free…
StartSSL might also refuse you if you try to request a certificate on behalf of a friend or a client, as they sometimes check if WHOIS lines up with your identity validation. Quite the hassle for domain-validated certs :-/
Unless things have changed drastically recently (it's been a little while since I've used them), StartSSL is not "open" for any meaningful definition of the word.
I've used StartSSL for my last three customer projects, only because they offer cheap wildcard certs. I for one cannot wait to never have to use them again:

* validation taking up to six weeks, with recurring ridiculous demands for documentation, such as energy provider bills etc

* very unpleasant interface

* nightmarish authentication scheme with client-side certs. Try signing on with Chrome on one box, then exporting the cert to Firefox on another for example

* the client-side cert expires. When it does, there is no way to get back into your account. Support says 'just make a new one'

* there doesn't seem to be a mechanism for designating a technical contact, and I've been admonished by them several times for having the gall of taking over the process for my customers

StartSSL is not free for any commercial sites, even tiny businesses or personal sites advertising freelance services.
We used StartSSL for free when we started LogNormal. We were definitely commercial.
It might not always be enforced in practice, but StartCom's policy doesn't allow use of the free certs for a commercial purpose:

> Class 1 certificates are limited to client and server certificates, whereas the later is restricted in its usage for non-commercial purpose only. Subscribers MUST upgrade to Class 2 or higher level for any domain and site of commercial nature, when using high-profile brands and names or if involved in obtaining or relaying sensitive information such as health records, financial details, personal information etc.

https://www.startssl.com/policy.pdf