Assessing SSL/TLS Certificate Centralization: Implications for Digital Sovereignty

SSL/TLS is a fundamental technology in the network protocol stack that enables encrypted data transmission and authentication of web domains. However, the current model relies on a small number of Certificate Authorities (CAs) to provide and validate certificates, thus creating a highly centralized ecosystem. In this paper, we analyze the degree of centralization of certificate provisioning from CAs in two major political groups: Brazil, Russia, India, China, and South Africa (BRICS) and the European Union (EU). We have found that over 75% of certificates for both BRICS and EU domains originate from CAs based in the United States, indicating possible risks to their digital sovereignty due to the high level of external dependency. This indicates the need for nations within those groups to research alternatives to reduce the high level of dependency on foreign CAs and increase their digital autonomy.