There's some excellent discussion going on over at TechRepublic regarding SSL Certificates, and the way they're treated by modern browsers.
Firefox 3 all but refuses to let you access a site with an expired or self-signed certificate. Lots of other browsers are becoming more and more militant about it.
The author of that article, Michael Kassner, brings up a good point regarding Extended Validation certificates, which I didn't even know about. The discussion in that thread was dealing with whether SSL certificates are useful solely for identification purposes or if they have an alternate use in sites that only wish to have encrypted traffic streams.
Read the article and join in on the conversation. I'm interested in learning more about people's opinions on the subject.