who is willing to trust a cryptographically signed certificate? specially one from your friend?