Https is the new normal. We all knew that the CAs are not working properly. The chain of trust between the website and “me” is founded on the believe of the “green lock”. If we dissect this chain of trust we find the “weakest link” the private-key’s. This discovery leads to question how we manage our digital identity. And leave the unanswered question, how could we rebuild trust?