Bruce Schneier provided a link to the Electronic Frontier Foundation's "Sovereign Keys Project".
From the high-level summary, there are three changes EFF is advocating:
- Replace warnings about invalid certificates with automated attack circumvention. 2. Giving web site owners the option of bypassing the existing Certificate Authority-based Public Key Infrastructure (PKI) bureaucracy. 3. Using decentralized key management and giving users new DNSSEC options.
This isn't the sort of thing that I think of as related to telecom, but I realized that VoIP makes extensive use of TLS, and that makes this relative. Not only will the existing Certificate Authorities oppose the EFF's plan - after all, it breaks their rice bowl - but the various governments who have been enjoying "Root Certificate" access to their citizens' web transactions will need to find new ways to eavesdrop.
The most important thing to keep in mind while reading about the EFF's plan is the security is an arms race: there is never going to be a stable, predictable, long-term, low cost procedure for securing data. Schneier pointed out long ago that when data is valuable enough to get a government involved, other methods and possibilities come into the picture, up to and including "rubber hose cryptography". It's counterproductive to depend on any one method.
Bill