The risk is reduced by starting with an empty keystore; when I have
enough trust in the person, then I add the person. When the trust is
compromised, I remove the person. And before using my private key, I must
enter a pass phrase, as the private key is encrypted with this pass
phrase.
In X.509, it gives me a keystore with lots of certificates that I may
not be able to trust. How do I trust these certificates?
I cannot simply trust them; they could be fake, and there is no establishment of
trust, especially if the keystore component is written by Microsoft.
"Make a determination in your mind whether this key actually belongs to
the person whom you think it belongs to, based on available evidence."