Author: Bernd Jendrissek 2014-02-18 23:41:36
Published on: 2014-02-18T23:41:36+00:00
A conversation about X.509 encryption certificates took place between Peter Todd and another individual who expressed their dislike of the fact that a single issuer can be assigned to each certificate. While cross-signing is available, it doesn't alleviate their concerns regarding too much power being held by centralized authorities. The issue is not with centralization itself, but rather how the technical standard encourages concentration in infrastructure. An article explains this in detail. The individual has been working on a patch to allow pki_data to contain more than one certificate chain, but progress has been slow. Implementing an OpenPGP-based pki_type may be a better solution, but they are currently focusing on modifying the x509+* system.
Updated on: 2023-06-08T03:02:33.211886+00:00