This system is very inefficient. So inefficient that it would not be useable on mobile devices, and you would have to trust a 3rd party to verify websites for you.
>Neither self-signed nor CA-signed certificates are securely authenticated
CA-signed certs are authenticated by the certificate authority. You cannot trust that a website presenting itself as google, is google, without any prior information. But google can get a certificate issued by a ca, and you can trust the ca.
Why do you think ca signed certs are not securely authenticated?
> This system is very inefficient. So inefficient that it would not be useable on mobile devices, and you would have to trust a 3rd party to verify websites for you.
It sounds like you're thinking about running a blockchain node locally. DNSChain is exactly fixing that issue. It is even more efficient than the current system.
> A-signed certs are authenticated by the certificate authority.
Incorrect, CA-signed certs are authenticated by any certificate authority.
> Why do you think ca signed certs are not securely authenticated?
Also:
"Neither self-signed nor CA-signed certificates are securely authenticated, so the padlock is completely misleading."
From: https://news.ycombinator.com/item?id=7826503