As the number of certificate issuers (with different profiles and
motivations), and the population of users (with different security
requirements and threat models) grows, a point has been (or will be?)
reached, where the current concept of a "Universal Trusted Third Party",
one that is accepted by a software provider on behalf of, and
distributed to, all its users, is becoming (or will quickly become?)
inadequate.
Consequently, the existing model of certificate acceptance and
distribution must be re-examined, either now, or this will have
to be changed in the near future.
MacRober