Digital certificates: worth the paper they're written on?

2011 was a nasty year for advocates of digital certificates based on Public Key Infrastructure (PKI). Several breaches shook the industry's confidence in a decades-old system, and left many wondering whether there was a good alternative to digital certificates and SSL/TLS-based web security. Last year was a difficult one for advocates of digital certificates based on PKI. Several breaches shook the industry's confidence in a decades-old system, and left many wondering whether there was a good alternative to digital certificates and SSL/TLS-based web security. The certificate-based security infrastructure on which Internet-based authentication relies is based on a chain of trust. But that chain has been shown to have weak links. Danny Bradbury looks at the current weaknesses and a number of proposed alternatives and asks if any of them is up to the job.