And yes, #CAcert will likely cause people to back off. Even experienced users may not know that such a CA exist - and might even think that the CAs in the browser are trustworthy just because they're shipped by default ;)