Fixing PKI
When it comes to suggesting infrastructure standards, I'm not exactly in the "in crowd" - I'm hoping that gets the attention of someone who is, and of course am open to suggestions related to it.
Nutshell, there is a problem with PKI and revoked certificates, or rather, how clients know about revoked certificates.
I believe what I describe in that link is the best way to solve the problem. Of course, my opinion is probably biased, but…