SSL would work a lot better if it worked more like SSH, where you could check to see if you have the right fingerprint at the beginning. And of course you can use it like this, but your browser tells you horrible things will happen. Alternately, a true web of trust with something more like the notaries might be useful.

But when it comes right down to it, any scheme of communication that relies on a variety of third parties for security isn't going to work, because you never know when one or more trusted parties are the eavesdropper.

Sure, the crypto works fine, but in practice good crypto often just lulls people into a false sense of security. "The browser shows https" is really a pretty weak indicator that no MITM is happening. I especially say this in contrast to something like an SSH handshake, which is a pretty strong indicator that no MITM is happening, especially if you validate your keys.

And the 95% of the population who don't know what a key fingerprint are, the people who are most likely to click on random things online, those people will just blindly accept that from every site on the web and then they can get MitM'ed easily by people in Starbucks. Right now you can't do that with HTTPS.