(no title)

This isn't a SSL cert screw-up, but certainly a silly misconfiguration. They should certainly have known better than to let that happen.

To be fair... when I worked there, I thought about different ways to transparently enable SSL across all domains using a CDN that would work with all existing SSL-enabled browsers and it's a freakin' hard problem. There are potential solutions, but they're not particularly cheap or simple given the IPv4 address crunch and for Akamai even more so since the edge servers are so widely distributed.

Bottom line - I never pitched the idea anyway because while I was interested in making the internet a better place, I knew that it was DOA at Akamai because they're much more interested in making it a more profitable place, and I couldn't think of a strong-enough business case...