Crai Conundrum

With the size of the continent, and seeing as the Linden's plan these projects out, I'd assume the terrain is made externally and then uploaded as RAW files as the regions are dropped. Whether they need a Linden in-world to do that or whether they can upload terrain files on the server end, however, is anyone's guess.

Judging by the fact that SSP124 has had a dot on it now for hours today, and the fact the terrain in the picture is very... sculpted like two eyes (circles) which matches the "HI!" terrain, I assume you are at SSP124?

Agreed. However, if they only take the Amazon route here, they will not be accounting for those who write web applications with JavaScript, which requires the browser's trust in order to execute (Google Chrome actively blocks XMLHttpRequest attempts with a non-trusted CA root certificate). It will also not resolve other services and applications that require a valid CA root. Paying for a wildcard certificate seems to be the simplest and most secure action Linden Lab could take here. If I were them, I'd do it without a second thought.

No need for them to make their own CA (which is what they currently have done with the "Linden Lab Certificate Authority" root they are using). All they have to do is purchase a cheap domain validated wildcard certificate. Besides, most CAs issue certificates with 2048-bit RSA keys nowadays, so the encryption is the same as what they currently have as far as I'm aware. They'd get all browsers and services to trust them then with a trusted CA.

This is true, but the one main issue with that is LL would have to re-issue the certificate every 3 months... which would then be impractical for them. Unless they have auto-renewal setup on their server.