[computer]

Doesn't it mean we can do CA-free authenticated HTTPS? That would make it useful for me.

[tptacek]

No, it doesn't. It means that a different set of huge organizations, this time explicitly including world governments, will get added to the list of CA-equivalents.

Post-NSA-revelations, DNSSEC-based browser security is lunacy.