Corporations and non-profit organizations are planning to SSL everything, and people are thinking: how nice of these companies to protect their consumers from foreign and local surveillance.
There are Certificate Authorities popping up everywhere, even free non-profit ones which plan to give everyone a cert.
I think this is dangerous. Almost all of these new CAs are American, and even if they aren’t, these CAs can be easily infiltrated by the Americans. In fact, a lot of CAs have suffered break-ins.
This means the Americans can do a man-in-the-middle attack on all SSL traffic and still not lose certificate validity. This is extremely dangerous. We need to use something like CJDNS and avoid the use of CAs altogether.
As a side note, the extent to which the establishment goes to use rubber hose methods to subvert asymmetric key cryptography shows how well they work. Cryptographers have always been suspicious of asymmetric key ciphers because they are presented without formal proof like the symmetric key ciphers.