> Regardless, look at the vast majority of technical users relying on SSH without using a CA for secure communications; had browsers done a better job at self-signed certs, we could be doing the same on the web.
How many technical users actually check the fingerprint matches the expected one of the server, out-of-band? Almost everyone I know just accepts the unknown fingerprint, so almost nobody knows who the endpoint they're actually connected to is.