Thousands of SSL Certs Issued To Unqualified Names
Mod Parent Up.
Typically considerations for setting up an Exchange 2007 / 2010 CAS is to have a UCC cert that contains both the qualified and unqualified name of the CAS server (or CAS server array). This is to prevent Outlook from throwing a cert error when accessing the server internally.
While I can't speak to the security implications of such certificates, I can say that this is most certainly not something "controversial" that the SSL providers are doing, it's simply meeting a legitimate customer need.
Child-Suitable Alternatives To Passwords?
Why not try a phrase or rhyme from one of her favorite books that she can memorize (or perhaps already has). Who says passwords need to be single words - In this day and age longer passwords with spaces are supported on every operating system I've encountered.