[syn0byte]

It "works" only at relatively low values of "work". By that I mean you are fine with various governments having complete control as long as it keeps the 14yo moms-basement sorts at bay.

My complaints with PKI aren't technical difficulty but administrative and bureaucratic. Consider; The NSA issues an NSL for all the root keys to YourCA Inc. Now what?

We would flee PKI like rats from a sinking ship if the capacity for a government to obtain any CAs private keys was written into code. But because its written into policy we simply ignore it.

[bdamm]

PKI solves a lot of problems but it sure doesn't solve government making choices you don't like. That's not a PKI problem, though, that's a government problem, and asking PKI to solve that is way outside the arena.