The dev team recently announced the decision to chose SSL's PKI for the new Bitcoin merchant API , called
BIP 70.
Mike Hearn defended the choice in
this article by claiming that nobody offered any workable alternatives.
However,
CA Cert is an alternative that works and should be considered for three reasons:
1. CA Cert works with SSL. It is a decentralized Certificate Authority that does not charge for SSL certs, with 20,000 members.
2. CA Cert has a working arbitration forum that has the potential to solve many of the problems that crop up with Bitcoin - the lack of trust and enforcability of contracts between users across national borders.
3. CA Cert has thus far successfully repelled attempts by intelligence agencies to insert their people into key positions in the organization.
In
this article at financialcryptography.com, Ian Grigg argues that Bitcoin is throwing the baby out with the bathwater by adopting the mainstream SSL PKI.
Grigg says:
But what's the alternative, Mike Hearn asks? His fundamental claim seems to stand: there isn't a clear alternative. This is true. If you ignore Bitcoin's purpose in life, if you ignore your own capabilities and you ignore [the Bitcoin] community, then ... I agree! If you ignore CAcert, too, I agree. There is no alternate.
The Bitcoin community is exactly the kind of community that has the chops to provide a much needed alternative to the centralized corrupt corporate SSL PKI. If they aren't willing to give it a go,
at least use CA Cert which is far more in line with Bitcoin's ethos.