ergophobe - 3:29 pm on May 25, 2012 (gmt 0)

>>faa dot gov

At least the IRS, NPS, FBI and CIA all have it together.

>>SSL cert warning

This actually doesn't surprise me that much - if they bought the cert for the www version, they would be stuck. In other words, it's still basically a redirect problem. If the cert is for www, they simply should not be allowing people to access the site without the www and, problem solved.

So these folks have a cert for a specific hostname (which is fine) but they have poor canonicalization (which is not fine).