all the tech based on certificates is obsolete fiat and need to be replaced, theres absolutely no reason to still use this trusted custodial overhead, asymmetric encryption keys have all the necessary to enstablish verifiable connections.