This is in response to my wife's concern over the domain. Microsoft is often the target of phishing attacks. It's not at all uncommon for scammers to attempt to claim to be acting on the behalf of microsoft. The majority of Microsoft associated sites include the Microsoft.com domain name to alleviate that risk. Now the certificate makes it less worrying, but her first response was to assume it was a phishing site. I'm not necessarily raising this issue with the expectation that something will be done, but just to make people aware that it could be a concern.