Until CAcert is added to the default CA list in Mozilla/Firefox (and other browsers), what is the advantage over self-signed certs?