jamesh:The free software CA idea is interesting. I have been thinking about issues surrounding Certificate Authorities a good deal recently. Pretty much all of the projects I am working on at work end up requiring certificates all over the place. Servers need them, but people also need some form of them. Since these are all higher education projects, it seems like a lot of people will be using this stuff once it is finished. The licenses on the projects are all Free, but I'm worried about the tens of thousands of needed certificates. It doesn't seem like that aspect of things scales very well. But I do think that absolute certificates are needed, rather than an advogato-style trust metric, since in this case trust is a binary issue. Trust is a hard problem....you have to implement a system where you can be sure that no untrustorthy people get trust, but it can't be overly hard to use, or cost too much, and ideally no trustworthy person should be denied trust.