[fedotovcorp]

Thanks for the references! The main issue isn't the support and maintenance of a such distributed network, but its integration with current solutions and avoiding centralized middleware services that will weaken the schema described in the documents.

[westurner]

> The main issue isn't the support and maintenance of a such distributed network,

Running a permissioned blockchain is nontrivial. "Just fork XYZ and call it a day" doesn't quite describe the amount of work involved. There's read latency at scale. There's merging things to maintain vendor strings,

> but its integration with current solutions

- Verify issuee identity

- Update (domain/CN/subjectAltName, date) index

- Update cached cert and CRL bundles

- Propagate changes to all clients

> and avoiding centralized middleware services that will weaken the schema described in the documents.

Eventually, a CDN will look desireable. IPFS may fit the bill, IDK?

[fedotovcorp]

> Running a permissioned blockchain is nontrivial.

You are right. It's needed a relevant BFT protocol, a lot of work with masternodes community and smart economic system inside. You can look at an example of a such protocol: https://github.com/Remmeauth/remme-core/tree/dev