> I think the real problem here is that folk are demanding something that is > impossible. They want a PKI that is entirely costless, failure free and >provides unlimited liability. If you set that as the standard for existence > of a global PKI then you are never going to see one. Folks will pay a certain amount providing the certificate validity period is not short time, for example issuing certificate that are valid for 2 years instead 1 year or provide many different validity periods for customers to choose from. The issue is of implementation of the system.