Recent years have shown the fallacy of Certificate Authorities (CAs); insiders are able to steal master signing keys and impersonate certificates, exploitation of system vulnerabilities and other means of infiltration allow attackers to gain access to CAs and copy their keys, etc. At stake is the mere survival of public key infrastructures as trust in them is bootstrapped from trust in certificates that bind public keys to known identities. The current attack surface exposed by CAs makes trust in their issued certificates questionable.
