Digital certificates have become the standard for secure communications over the Internet and other networks. But a certificate is only as good as the Certification Authority (CA) that issues it, and some major CAs have suffered from security breaches recently. How can you be a sure that a CA is trustworthy? Are there too many CAs out there now? These are some of the questions that Jim Fenton mulls over in his Reexamining Public Key Infrastructure post over on the Cisco Security blog.
http://blogs.cisco.com/security/reexamining-public-key-infrastructure/