> On an unrelated note, X.509 is a terrible standard that should be
> abandoned as quickly as possible. BitPay is working on a new standard
> based on bitcoin-like addresses for authentication. It would be great if
> we could work with the community to establish a complete, decentralized
> authentication protocol. The sooner we can evolve beyond X.509 the better.

Because this is such a common sentiment, I wrote a couple of articles on the matter.

The first is about why BIP 70 uses the SSL PKI and an examination of the most commonly proposed alternative ideas:

https://medium.com/p/b64cf5912aa7

... including the web of trust, using bitcoin addresses/the block chain, allowing multiple certs, trust-on-first-use and (for SSL only) perspectives/convergence.

The second is a summary of some of the most famous crypto-usability research papers published in the past 10-15 years. They cover SSL and PGP. If you're interested in designing alternatives, reading these papers would be a good place to start:

https://medium.com/p/d04ea6a2c771

There's a book from O'Reilly called Security & Usability that contains 34 papers and essays. It's very good:

http://shop.oreilly.com/product/9780596008277.do