I imagine that this will deter people from quickly starting up a packet sniffer when they share links to your site. However, how are you able to use webfaction's cert? Do they just give you their private key? Or is it just a cert that is not really signed by anyone and the common name is set to *.webfaction.com? In other words, this does not mean that you can spoof www.webfaction.com's signature, corret?