Irrelevant fact: GAIM 1.5 doesn't complain when a server's certificate is not signed by a trusted CA That defeats the whole purpose of SSL which is to prevent man-in-the-middle attacks.