Binary, how would that solve the certificate mismatch? I presume that you are having the mismatch because you are logging in to a domain other than fastmail.fm in order not to have to type in your whole address, just your ID at the login domain. Because the login domain is owned by FastMail, not Sent.com or whatever, the mismatch occurs. Either one has to type in one's whole address (if not a FastMail.fm one) or one has to click past the non-matching certificate notice. (Or one could turn off browser notification of non-matching certificates.)
Does anyone know someway to avoid the extra click aside from dumbing down the browser security?