The CA-identies only works for Real-Names not pseudonyms. The Web-of-trust has scalability issues on top of that.
To plug my own work: I came up with a protocol[0] to tie identities to publications, using the DNSSEC root as trust anchor. This lets strangers verify certificates and esablish trust that a message was certainly sent by the owner of the key. This allows for key exchange between strangers, assisted by a website as introducer that does not need their true identitities.
To plug my own work: I came up with a protocol[0] to tie identities to publications, using the DNSSEC root as trust anchor. This lets strangers verify certificates and esablish trust that a message was certainly sent by the owner of the key. This allows for key exchange between strangers, assisted by a website as introducer that does not need their true identitities.
0: https://eccentric-authentication.nl/eccentric-authentication...