Looks like a great idea, but how do they prevent the man-in-the-middle from impersonating a network notary?
EDIT: I searched and it's actually http://cert.startcom.org/.
AFAIK this is common to all certs (free or otherwise). You need a separate one for each subdomain (including www).
I admire their model of only charging for operations which require human intervention, like identity validation, but handing over that degree of documentation for that amount of time requires a lot of trust, not just of the company as it currently exists, but as it will exist in the far future.
If there was a way to validate organizations which wasn't layered on top of an earlier validation of an individual, or if their decentralized web-of-trust was usable for class 2/wildcard certs, I'd be a big fan.
As it is, there's no reason not to use Start for class 1, single-domain certs, for which the validation is automated and reasonable.
For instance, from Verisign: a 1 year Microsoft code signing certificate starts at $499 . A top-of-the-line (from their main pages) web certificate for a single server for one year: $1499 
edit: it would figure the links don't work. Just go to www.verisign.com and those are a couple clicks from the front page.