[perlgeek]

How about the TLD NICs sign your certificates when you register the domain?

Ideally they have already verified your name, company and address, and you have to trust them to some extend anyway, because they are responsible for the name servers

[dcc1]

Ehm no thank you, not all of us want to give away such information for personal projects, there are many reasons for people wanting to register domains privately (beside spammers harvesting whois)

[toast0]

If you give your registrar invalid contact information, your domain is subject to deletion by policy. Proxy registration is OK, as long as the contact information works.

[threeseed]

At some point you have to give your information whether it's to the registrar or the proxy company. What is wrong with them using the same information to handle the certificates on your behalf ?

[wmf]

AFAIK DNSSec has no additional identity requirements compared to normal DNS.

[rakoo]

> and you have to trust them to some extend anyway, because they are responsible for the name servers

So this is not solving the problem, this is moving it elsewhere.