Agreed, CAs are an easily-exploitable smokescreen. Distribution is the way to go here. Seems like you could post your public key in the data section of a namecoin domain entry, no?
I think there is movement on this type of system, but it's slow because people don't realize just how insecure HTTPS is when CAs and the US government are involved.
I heard of a project a while back, but haven't seen it since and I forget the name. My understanding is that it's slow going. I think the best bet is, as mentioned, piggyback onto the blockchain somehow. Namecoin is probably the closest to getting this right.
I think there is movement on this type of system, but it's slow because people don't realize just how insecure HTTPS is when CAs and the US government are involved.