by Erwin 5077 days ago
A certificate can also have a number of alternate names, which providers call a Unified certificate -- UCC. The nice thing about that is that you can add/remove names after you've bought the certificate without having to go through the process.

I haven't tried this in practice, but this might be useful if you want to provide a bunch of client.yourdomain.com secure subdomains from the same IP address. The only downside is that the organization name will be the same.

2 comments

This is also wildly more secure than a wildcard certificate, where if someone nicks your private key your entire domain is compromised, but with UCC only select hosts' security could be compromised. I believe it's also supported on more devices than SNI (since X.509v3).
Also more expensive than vanilla single-name certs :-(
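To make the blast-radius comparison concrete, here is an added example (not from the thread) that applies RFC 6125 dNSName matching to a constructed deployment and lists which hosts a stolen key would let someone impersonate under a UCC/SAN certificate versus a wildcard one. Hostnames, the `san_matches`/`hosts_covered` functions and the simplified rules (no IDNA or public-suffix handling) are all assumptions for illustration.

```python
"""Hostname matching against a certificate's subjectAltName list.

Added example (not from the HN thread): shows why a key compromise of a
wildcard certificate exposes every single-label subdomain, while a
UCC/SAN certificate only exposes the hosts that were explicitly listed.
Matching rules follow RFC 6125 section 6.4.3 in simplified form
(assumption: no IDNA handling, no public-suffix checks).
"""


def san_matches(pattern: str, hostname: str) -> bool:
    """Return True if one dNSName SAN entry covers `hostname`."""
    pattern, hostname = pattern.lower().rstrip("."), hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels, h_labels = pattern.split("."), hostname.split(".")
    # A wildcard is only valid as the entire leftmost label ("*.example.com");
    # patterns like "f*.example.com" or "*.*.example.com" are rejected here.
    if p_labels[0] != "*" or "*" in pattern[2:]:
        return False
    # "*" matches exactly one label: "*.example.com" covers neither
    # "example.com" itself nor "a.b.example.com".
    return len(p_labels) == len(h_labels) and p_labels[1:] == h_labels[1:]


def hosts_covered(san_list, hostnames):
    """Hostnames someone holding this cert's private key could impersonate."""
    return sorted(h for h in hostnames if any(san_matches(s, h) for s in san_list))


# Constructed sample deployment: client subdomains plus a few other hosts.
DEPLOYED = [
    "www.example.com",
    "alice.example.com",
    "bob.example.com",
    "vpn.example.com",
    "admin.corp.example.com",
    "example.com",
]

# UCC-style cert: only the names the operator chose to list.
UCC_SANS = ["www.example.com", "alice.example.com", "bob.example.com"]
# Wildcard cert: one-label wildcard under the apex.
WILDCARD_SANS = ["*.example.com"]

if __name__ == "__main__":
    print("UCC key compromise exposes:     ", hosts_covered(UCC_SANS, DEPLOYED))
    print("Wildcard key compromise exposes:", hosts_covered(WILDCARD_SANS, DEPLOYED))
```

Note that the wildcard also stops at one label: `admin.corp.example.com` and the apex `example.com` are not covered by `*.example.com`, so a wildcard's exposure is "every direct subdomain", not literally the whole domain.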

That's the one downside of this HTTPS-everywhere movement - we're beholden more than ever to the certificate authority cartel.