I just came across the Milagro project which seems to be solving some of the limitations introduced by PKI (centralized trust authorities with single point of failure hard-to-revoke root keys, using X.509 for identity) by introducing "key fractions" handed out by distributed authorities.
Though this seems scalable, how is trust bootstrapped in a non-PKI system? What are some drawbacks with this type of implementation?
It simply is only a part of what a full Certicate sytem can do. If all you need is a strong encryption system, that ok. If you want to make sure that you are connected to the same service you used yesterday (or last week, or ...) it is ok.
If a server wants to make sure that the user asking for a document is the one that deposited it, or one that was explicitely given the ability to retrieve it, it is ok too.
But if an administrative authority wants to be sure that the guy asking for a birth certificate or any other confidential information is Mr. X, something or someone must certify that this particular key has indeed be given to Mr. X, and that the identity of Mr. X was thoroughly controlled with a physical presentation of Mr. X itself with his identity card or driving license. That part cannot exists without a trusted authority.
The other problematic case if if you have to engage a legal action against a guy that has sent a command to you and now refuses to pay. You can know that he is the owner of a particular key, but you cannot be sure if he is or not Mr X or Mr Y.
What I mean is that if you need a bond between a key and a particular human being, you need a trusted authority with strong administrative procedures.
