Wasting money is always a problem. I've got a $500+ bill coming up for a multi-year wildcard renewal that I'd really love to spend on pretty much anything else. And I only need to pay it because I can't use *.site.org as a "subdomain" on Let's Encrypt. Ponder the absurdity of that.
FWIW, I donated to Let's Encrypt in its early stages (and considered sponsorship), so it's not like I'm trying to just freeload here. I'm feeding a lot of money into broken system and I hate doing it.
One last thought: Google is about to start docking sites for not using SSL, which means that a lot of sites are basically going to be forced to buy these expensive certificates in order to play. This is a really artificial and sad barrier to entry for small startups. Security and privacy shouldn't just be the purview of the economically privileged.
FWIW I just donated[1] USD 100 to neocites.org - not that I took any of your comments here as soliciting for donations. They're of course not meant to go towards just SSL, but I'm sure a handful of people here with an actual Software Engineer income can chip in the remaining 400.
With the wonderful work you have been doing with this project (even if I don't host anything on it myself, I'm much too much of a masochist to outsource my web hosting, when I can rent a dedicated server for much more, and do much more work to end up with the same service ;-) -- I think it's terribly wasteful that you have to spend time worrying about trivial things like paying for a wildcard cert, when you could be playing with other, more useful stuff. And, yes, I too hope that Let's Encrypt will support wildcard certs soon.
Last I saw they were working on it, there was just a lot of questions about how to validate that control was properly at parent domain level and not just at the subdomain. They wanted to get whatever was needed fleshed out and part of the ACME protocol before doing anything so that it wouldn't just be some hack they added for let's encrypt on top of ACME.
