Is it better for a free world to have the traffic be unencrypted?
Feels like one head of the hydra is control of the cert-trust network, but another head is traffic-sniffing and monitoring one's online activity, yeah?
Please do not bring a straw man argument to the table. I clearly said "Until a central-authority-free alternative exists". Such alternatives are readily available and already used to secure e.g. ssh connections, but are not without drawbacks. One alternative that might be less likely to suffer from the same weaknesses as a certificate-free model is a distributed certificate authority that relies on a ledger like DNS.
Those are the same thing. The CA system is a distributed X.500 database. It's the most distributed database in the world since the entries that comprise it are the certs themselves.
Moving the infrastructure to DNS wouldn't change the nature of the system, just which entities are at the root. Hell, the CA system right now delegates authority to domain registrars and the DNS system.