[SahAssar]

> central control

What central control? Your browser uses a trust store and there are multiple independent (but collaborating) groups that decide what CA:s to trust.

The rest of your supposed drawbacks seem like they would be the same in any system with encryption, right?

[forgotmypw17]

You rely on one of several central authorities to grant a user access to your website (or be faced with a scary message about your site being insecure).

Just because you can choose from one of several central authorities doesn't change the fact that you are reliant on them to authorize the user's ability to establish a network connection with you.

[SahAssar]

That means it is more like federated control IMO.

[forgotmypw17]

Whatever you want to call it, it creates extra complexity, failure modes, and barriers to information access.