It's Time to Fix HTTPS
Global PKI, as currently implemented in browsers, does not work.
more on docs.google.com
An article explaining problems with with Public Key Infrastructure and proposing an alternative based on TOFU/POP: Trust On First Use; Persistence of Pseudonym. Ironically, while sharing this presentation on Posterous I did get a security warning in my browser.
