Problem: In the event of disaster, there may be no infrastructure available to notify the subscriber/members. Problem: In the event of revocation of the root, it is a business problem for the subscribers (get another certificate). Problem: In the event of revocation of the root, it is a security problem for the members (revoked root may be compromised or breached, resulting in losses). It is possible that this criteria is better read as "All Members" rather than "All Subscribers." Either way, there is no strong method to do this. Blog posting is the current version, but that is weak. Is that acceptable, given all the above?