The thing is, as Prof. Green points out, <i>we've all always known this, but we've ignored it</i>. If the protocol one uses isn't secure when used over Tor (because some Romanian exit node is able to snarf your password), then it's not secure enough to use across the Internet in general.<p>XPKI simply isn't enough: it's a worst-of-all-worlds solution in which there's not just <i>one</i> global trust root, there are <i>hundreds</i>.<p>Using the blockchain as a globally-verifiable data store is interesting, but comes with an incredible cost (and may still be vulnerable to manipulation).<p>Better, I think, would be to embrace the reality that human beings are citizens of states, and to leverage that: if the governments of the United States, Iran, Germany, Russia, Australia, Uzbekistan, Chad, Chile and Peru all agree to a statement, then it's very probably true. We could use that kind of unanimous (or supermajority) agreement as a trust root for identity, since it's extraordinarily unlikely that every state in the world would agree to the same lie.<p>Once we have a global trust root, it's easy enough to carve off namespaces within it. States could have authorised textual namespaces (e.g. '(<i>global-root</i> us)' for the United States: in a very real sense, '(<i>global-root</i> us foo)' <i>is</i> whatever the US government wants it to be).<p>With this scheme, anyone would still be free to have his own, additional, alternate roots; an assertion of '(<i>global-root</i> uk british-airways)' would not apply to '(billy-joe random-orgs ba)' unless the objects thus named shared the same key.