Let me throw in another vote against the *necessity* of hierarchical
certification by arguing against the necessity of certification itself.
For example, it is possible, given digital signatures, to have totally
anonymous bank accounts -- identified only by public key -- with no
certification of relationship between that key and any other fact about any
individual or corporation. Such accounts are at least as valuable as a
Swiss numbered account -- perhaps more so since no one need know the
identity of the person or people with the power to withdraw funds. Such
funds transfers can be made not only anonymously but untraceably. It might
even be possible for them to be made without it being possible to trace
the transfer at either end (e.g., using digital cash techniques).

I don't propose that all bank accounts be anonymous. It's just that I
don't like to see us jump into an attempt to relate public keys into the
physical world so that our old established notions about relationships and
responsibility can carry over into this new domain when by doing that we
end up avoiding research into all the possibilities which digital
signatures open up. That research needs to be both technical and social --
or we could shy away from it by forcing relationships between keys and
those entities to which we are already accustomed.
--Carl
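
The arrangement described in the message above, as an added example that is not part of the original message: a bank ledger keyed only by a public-key hash, where a withdrawal is authorized by a signature and no certificate or identity is ever consulted. `Bank`, `key_id` and the order format are hypothetical, and a Lamport one-time signature (hence the key rotation on each withdrawal) stands in for whatever signature scheme would be used, since the message names none.

```python
import hashlib, secrets

def H(b):
    return hashlib.sha256(b).digest()

def keygen():  # Lamport one-time key pair (stand-in for any signature scheme)
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def key_id(pk):  # hypothetical account identifier: hash of the public key
    return H(b"".join(a + b for a, b in pk)).hex()

def _bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    return [sk[i][bit] for i, bit in enumerate(_bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][bit] for i, (bit, s) in enumerate(zip(_bits(msg), sig)))

class Bank:  # hypothetical: holds no name, certificate or other holder data
    def __init__(self):
        self.accounts = {}  # key_id -> [balance, current public key]

    def open(self, pk, deposit):
        self.accounts[key_id(pk)] = [deposit, pk]
        return key_id(pk)

    def withdraw(self, acct, amount, next_pk, sig):
        balance, pk = self.accounts[acct]
        order = f"{acct}:{amount}:{key_id(next_pk)}".encode()
        if not 0 < amount <= balance or not verify(pk, order, sig):
            return False
        # The one-time key is spent: rotate to the key named in the signed order.
        self.accounts[acct] = [balance - amount, next_pk]
        return True

def demo():  # constructed sample values throughout
    bank, (sk1, pk1), (sk2, pk2) = Bank(), keygen(), keygen()
    acct = bank.open(pk1, 100)
    sig = sign(sk1, f"{acct}:30:{key_id(pk2)}".encode())
    first = bank.withdraw(acct, 30, pk2, sig)
    replay = bank.withdraw(acct, 30, pk2, sig)  # old key no longer valid
    stranger = sign(keygen()[0], f"{acct}:10:{key_id(pk2)}".encode())
    forged = bank.withdraw(acct, 10, pk2, stranger)
    return first, replay, forged, bank.accounts[acct][0]
```

The bank's only check is that the order verifies under the key currently bound to the account; a replayed order and an order signed by an unrelated key are both refused.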