Kudos to SMG for picking up on this and actually asking the question
It seems like they have done there own DV certificate which means that the information transferred between you and said site is encrypted and that it`s a valid domain. This does not mean diddly squat about who owns the site or what services they provide (some fake AV sites have DV for payment).
Like others have mentioned because this is a self signed job they will not be in the Root certification list of your browser, for IE look under Tools/Internet Options/Content/Certificates/Trusted Root, in FX Tools/Options/Advanced/View Certificates (you`ll see the likes of Verisign, Comodo, Equifax).
Something i allways try to do now is to alert people to the fact that when they go to payment sites, banking sites, etc and are putting in sensitive data they should look out for the address bar to turn green or have the green site identity button. This means the site has EV and has been checked, ownership wise, etc.
It`s starting to sink in but slowly.
http://support.mozilla.com/en-US/kb/...dentity+Button