Several gentoo services, e.g. [bugs,forums].gentoo.org, use self-signed certificates. It's imho very bad security policy to use self-signed ssl-certs. There's a noncommercial CA called cacert that issues certificates based on a web-of-trust-concept. I think it fit's very much in the spirit of free software, so I'd suggest to use cacert-certs for all Gentoo infrastructure that uses ssl.
*** This bug has been marked as a duplicate of bug 108944 ***