tcsoftware - 9:59 am on Nov 23, 2011 (gmt 0)

In essence, the SK model reduces the number of attack points from hundreds of CAs to 30 or fewer servers where any compromise can be detected automatically. Suspicious entries and other indications of a security breach will cause a compromised server to be immediately ignored by mirrors and clients alike.

One good DoS attack and HTTPS breaks for everyone, everywhere!