Comment by jaekwon
11 years ago
You'd need a strong root key and subkeys that rotate underneath. To change the root key would require signing by the original root and a new message to appear for confirmation.
All this, plus something like a notary system to double-check all your trusted root keys, would be much better than the hierarchical CA system we have.
Which root keys? The ones you store on your web server, which just got compromised?
Why would one store them there? Why not just use them to sign other keys that are actually used in online systems?
No, the question is what to do when you need to rotate them. Because that need will arise somewhere, globally, if we were to run the secure web on trust-on-first-use.
It's not interesting why someone hypothetically did get their root keys compromised, it's interesting how the proposed system would cope with it.
(Downvoting the question is not really a web scale way to build a global trust system.)
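The design sketched in jaekwon's comment (a root key pinned on first use, online subkeys that the root delegates to, and a root change that must be signed by the original root plus a confirmation message), together with the later question of how such a system copes with root rotation, as an added example in Go that is not code from any poster in this thread. The `Client` type, the `subkey:`/`rotate:` message framing and the reading of "confirmation" as a countersignature by the new root are my assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Client pins the root public key it saw first (trust on first use) and
// accepts only subkeys and root handovers that this root has signed.
type Client struct{ Root ed25519.PublicKey }

// Domain-separated messages: a delegation signature can never be replayed as a handover.
func subkeyMsg(sub ed25519.PublicKey) []byte  { return append([]byte("subkey:"), sub...) }
func rotateMsg(next ed25519.PublicKey) []byte { return append([]byte("rotate:"), next...) }

// VerifyWithSubkey accepts msg only if the pinned root signed the subkey's
// delegation and the subkey signed msg. Only the subkey lives on the server.
func (c *Client) VerifyWithSubkey(sub ed25519.PublicKey, delegation, msg, sig []byte) bool {
	return ed25519.Verify(c.Root, subkeyMsg(sub), delegation) && ed25519.Verify(sub, msg, sig)
}

// Rotate replaces the pinned root only when the current root signed the handover
// and the new root countersigned it (assumed meaning of the "confirmation" message).
// A lost or stolen root has no recovery path here, which is the gap the thread argues about.
func (c *Client) Rotate(next ed25519.PublicKey, rootSig, confirmSig []byte) error {
	if !ed25519.Verify(c.Root, rotateMsg(next), rootSig) {
		return errors.New("handover not signed by the pinned root")
	}
	if !ed25519.Verify(next, rotateMsg(next), confirmSig) {
		return errors.New("new root did not confirm the handover")
	}
	c.Root = next
	return nil
}

func main() {
	rootPub, rootPriv, _ := ed25519.GenerateKey(rand.Reader)
	subPub, subPriv, _ := ed25519.GenerateKey(rand.Reader)
	c := &Client{Root: rootPub} // first contact: pin the root
	delegation := ed25519.Sign(rootPriv, subkeyMsg(subPub))
	msg := []byte("hello") // constructed sample message
	fmt.Println("subkey accepted:", c.VerifyWithSubkey(subPub, delegation, msg, ed25519.Sign(subPriv, msg)))
	// Handover: old root signs, new root confirms; delegations by the old root then stop verifying.
	nextPub, nextPriv, _ := ed25519.GenerateKey(rand.Reader)
	fmt.Println("root rotation:", c.Rotate(nextPub, ed25519.Sign(rootPriv, rotateMsg(nextPub)), ed25519.Sign(nextPriv, rotateMsg(nextPub))))
	fmt.Println("old delegation still valid:", c.VerifyWithSubkey(subPub, delegation, msg, ed25519.Sign(subPriv, msg)))
}
```

After a rotation every subkey has to be re-delegated by the new root, and a client that never saw the handover message keeps trusting the old root, which is where the notary idea from the comment would have to step in.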