@thenexusofprivacy You're right that the original post discussed those other things, and maybe I should have highlighted that.Still, I don't think the "mulitple verifiers" changes much in the analysis of whether it resembles CAs: browsers also ship with multiple certificate authorities, which each act like verifiers in this case.