[paulgerhardt]

>it matters if browsers trust them (which they do).

We had endless problems with StartSSL on mobile browsers. They have only recently been added to the latest Windows Mobile 8 repo and you can forget about any phone OS (except iOS) that was released before 2012.

The thing with SSL providers is most people think if it works on Chrome and IE they're set, but for certain businesses they need something that will work on the Wii Browser, an IBM Power System, or an older dumbphone. SmartTV's in particular are pretty annoying to get any CA list because whoever implemented the browser portion on the devices probably just imported some random Java lib from circa 2002.

If you are doing something small and personal, StartCom is just fine. If you're running a business, at some point it may become inevitable that you switch to oldest provider you can reasonably sign up for, in particular one of the Original Three (Thawte, GlobalSign, or Verisign). If you're running a non-profit advocating for privacy and cryptography where a large number of your users may be based in the middle east running on legacy hardware, you may want to take a cursory look to see if your users are getting any cert problems and get a cert from Thawte (the cheapest of the three - though you will need to chain to an intermediary cert if you got with their 123 option).