Stephen Kent;
I've authored several papers that capture what I see as the essence of
your characterizations, in a simple form. The central notion is that
most of these relationships are NOT about trust, but rather about
authority. if one views them in this fashion, then it becomes apparent
that the entities that are authoritative for identification and
authorization assertions should be CAs, and we, as individuals with many
distinct identities, should expect to hold many certs, each
corresponding to one identity.
The problem for such PKI is that, if we have certs based on
existing trust (e.g. I trust some organization have an authority
to issue passports) relationships, we can exchange shared secret
using the relationships that we don't need any public keys.
This is what happens in the physical
world with most physical credentials: passports, frequent traveller
cards, etc.
Our trust relationships in these cases are so strong that we
can be delivered not only PINs (shared secret) but also physical
credentials.
Then, who need public key cryptography?
Thus, many expect thatm once a PKI is formed, it can create any
trust relationship for anything.
We know a PKI does not.
The next question is, does a, two or millions of PKIs worth having?
I don't think they do.
Masataka Ohta