Even better, they don't charge for "products" such as wildcard certificates, but for the service of validation that is required to get them. This means you pay once for the validation (much less than a single wildcard certificate costs elsewhere) and then you can create certificates for all your domains at no additional cost.

Obviously, they are a small CA, which means they are not recognised on some exotic platforms, but I haven't ran into any of those cases myself. Also, they require an intermediate certificate, but that was a no-brainer to setup. I have one up on my personal website, if you want to try if it works for you: https://micheljansen.org

StartCom is great, but 2 caveats: I found that StartCom's root authority is not recognized by some IE6 installs, and is still not recognized by Java (so applets, web start, java clients talking to your server may have problems ...).

The first time a user goes to StartCom on Windows XP on IE6, it will pop up with a "cert error". This is because the user hasn't recently updated their root certs through a super-optional Windows Update install. However, any subsequent loads will work as Windows will check and update their root certificates in the background.

Edit: OK, they seem to work pretty well. This is a nifty idea.

my only problem with them is the somewhat complicated mechanism for authentication with client certs. I could not get it to work with firefox or chrome, just safari.

startssl.com is who I use. I haven't had any issues, then again I'm not particularly worried about exotic platforms, or IE6 support.