> Multiple cert paths do not necessarily make for more trust, but they > do add enough complexity to make the system unscaleable, not to > mention the revocation issues ... uuh. A single root CA definitely doesn't scale, because there is no CA that everyone can trust. There might be scalability issues with multiple paths, but they're not as fundamental as that.