This is an interesting thread, so after a long time of lurking has made we want to post something

So let me clear up some confusion. First, WiFi and aircards are all (out of the box) insecure. As they are sending data into the airwaves where anyone can intercept them. When using a site that has SSL (like an online bank, the WiFi sign-in page, etc) that data still gets broadcast for all to see, just that it is encrypted using some very secure math (i.e. encryption and some other fun stuff called PKI). Now, if there is a problem with that math (i.e. someone is trying to steal your data or someone is too lazy/stupid to setup it up right) you will get that certificate error.

Personally, I would tell the management of the hotel that they need to get a different WiFi vendor. Also, a vendor too lazy to get their certificates setup right (it's not that hard), is not someone I would be willing to hand over my credit card info to.

Now, if all the WiFi sign-in page wants is that silly code on the back of the room key sleve, then there is not much to worry about and you should be fine entering it in. But again, if they want anything more (i.e. credit card or other username/passwords) I would not trust that service with the information.

And to address one last point:
If I had to guess, they are referring to the Microsoft Root Certificate Program. In which case, whoever invented the idea that a hotel WiFi provider would need to be added to that program is a complete idiot and should be fired. The WiFi vendor can easily get a <$100 certificate and use that for all his hotels.