There’s been a push over the last twelve years to move web traffic off unencrypted HTTP to encrypted HTTPS, to protect the general public from dragnet surveillance, gaping assholes on public wifi, backhauls over unencrypted satellites, that kinda thing. HTTPS relies on a public key infrastructure to make sure only authorized servers have keys for specific websites.
This public key infrastructure isn’t just a bunch of servers and vaults in datacenter cages around the world. It’s a social and political system operated and regulated by several parties with conflicting goals.
We’ll go over the high-level view (no math!) of how it works, various organizational failures and their outcomes, and what we can do to make this system work better.