On the Diginotar-breach debacle, on slashdot:
Personally, the breach leaves me a bit speech- and helpless.
Currently, there does not seem to be an easy solution to the problem.
In theory, we can’t just shrug it all off and continue the SSL-Certificate security-theatre like we used to do in the past.
In practice, we lack a scalable alternative. Also lacking are educated users.
In fact, the only reliable factor in the SSL-Certificate circus seems to be the ignorance and stupidity of users who click and accept any modal dialog that opens on the screen.