Disintermediation and decentralisation are two of the major benefits and promises of blockchain, so there have been several proposals about how to use blockchain to eliminate weaknesses in today’s certificate infrastructure.
Game of Keys: Too Much Information About Certificate Authorities provides an easily understandable introduction into some of the challenges.
The existing issues can be summarized as
Centralisation - a single point of compromise can break security for millions of certificates;
Lack of transparency - visibility into the inner workings of Certificate Authorities, and thus the ability to verify that they function correctly, is extremely limited and typically given only to auditors who have a financial incentive to approve;
Concentration - traditional Certificate Authorities are mostly in sunset mode with increasing costs for security and compliance, and decreasing revenue from having to compete with free services, especially Let’s Encrypt. The result is a growing consolidation and thus concentration of the trust infrastructure into fewer and fewer critical points.
There is a fairly long list of Certificate Authorities that have been compromised over the years, so the question “What if we could avoid centralised trust?” has become an obvious one to ask.
There are a couple of interesting proposals on the subject, either based on existing chains, such as Ethereum, Bitcoin, Namecoin, or on custom consensus amongst the different PKIs. A Decentralized Dynamic PKI based on Blockchain - Lund University is a recent publication with a pretty good overview.
The proposal made in the paper is interesting, but introducing a custom consensus makes the system susceptible to the same kind of 51% attacks that have been observed in the wild, so without sufficient adoption, and without an economic or resource-based protection mechanism, the resulting trust level is unclear.
Also, given the emerging standards in this area, it would be preferable if it were based on Decentralized Identifiers (DIDs) v1.0 and linked to the work done by the Identity Foundation, because ultimately the role of a certificate is to establish a link between a person, an organisation or a device and the digital interaction to which the certificate gives validity and trust.
In other words, the most scalable, interoperable and valuable implementation of a decentralised, disintermediated PKI on top of blockchain would likely best be described as Decentralised Identity Public Key Infrastructure (DIDPKI).
Such a DIDPKI should likely meet a couple of requirements, such as
Supporting the technical certificate requirements of existing regulation, i.e. Trust services and eID | Shaping Europe’s digital future & Co, both for certificate types (i.e. X.509) and for parameters;
Blockchain / trust anchor agnostic;
Highly scalable, so that certificates can be short lived and require minimal re-use.
It seems that much of the DIF Sidetree Protocol would be re-usable for this purpose, although Bitcoin may be too expensive a chain for the frequency with which one might generate certificates. The use of IPFS for Content Addressable Storage (CAS) as the basis for a Conflict-free Replicated Data Type (CRDT) repository of self-certifying data seems like a very good basis for such a DIDPKI, and the resulting structure of DIDPKI nodes would likely look a lot like that of the Sidetree Network.
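As an added illustration, not taken from this post or from the Sidetree specification, of what "self-certifying data in content-addressable storage" buys: the identifier is derived from the hash of its own create operation, every operation is stored under the hash of its content, and each update must reveal the preimage of the commitment published by the previous operation, so any node can replay and check the chain with no trusted authority. It assumes sha256 over canonical JSON in place of IPFS CIDs, a plain hash-preimage reveal in place of Sidetree's key commitment plus signature, and made-up field names and a did:example prefix.

```python
import hashlib
import json

def canonical(obj) -> bytes:
    # Deterministic JSON bytes, so equal objects always hash to the same address.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def h(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

class Cas:
    """Toy content-addressable store (stands in for IPFS): the key is the hash of the content."""
    def __init__(self):
        self.objects = {}
    def put(self, obj) -> str:
        cid = h(canonical(obj))
        self.objects[cid] = obj
        return cid
    def get(self, cid):
        obj = self.objects[cid]
        if h(canonical(obj)) != cid:  # a tampered or mis-served object is detectable
            raise ValueError("CAS integrity failure")
        return obj

def make_create(document: dict, next_reveal: bytes) -> dict:
    # Commitment = hash of a secret; a real system commits to a public key and also requires its signature.
    return {"type": "create", "document": document, "update_commitment": h(next_reveal)}

def did_from_create(create_op: dict) -> str:
    # Self-certifying: the identifier is derived from its own genesis operation (assumed prefix).
    return "did:example:" + h(canonical(create_op))[:32]

def make_update(prev_cid: str, reveal: bytes, patch: dict, next_reveal: bytes) -> dict:
    return {"type": "update", "prev": prev_cid, "reveal": reveal.hex(),
            "patch": patch, "update_commitment": h(next_reveal)}

def resolve(cas: Cas, did: str, create_cid: str, update_cids: list) -> dict:
    """Replay the operation chain; any node can do this without a trusted authority."""
    op = cas.get(create_cid)
    if did_from_create(op) != did:
        raise ValueError("create operation does not belong to this DID")
    doc, commitment, prev = dict(op["document"]), op["update_commitment"], create_cid
    for cid in update_cids:
        op = cas.get(cid)
        if op["prev"] != prev or h(bytes.fromhex(op["reveal"])) != commitment:
            raise ValueError(f"update {cid[:8]} is not authorised by the previous commitment")
        doc.update(op["patch"])
        commitment, prev = op["update_commitment"], cid
    return doc
```

An update whose reveal does not match the outstanding commitment, or an object whose bytes no longer hash to its address, is rejected by every resolving node, which is the property the CA in today's model is trusted to provide.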
This is primarily a collection of some preliminary thoughts, looking for some input and potentially volunteers to help build out a specification. Comments and inputs welcome.