Never mind that we don't need to switch to X.509, we can add X.509 certs to OpenPGP.
When you think about it, in the web-of-trust model centralized certificate authorities are just entities that a lot of people happen to trust; there's absolutely nothing stopping us from taking X.509 certs and adding them to OpenPGP keys as just another type of signature and the X.509 certificate providers have no (technical) means of stopping people from doing that.
I've argued before to the Bitcoin community that what we really want is a "best of both worlds" solution where we support centralized certificate authorities via X.509 and OpenPGP for applications with low security needs while maintaining the ability to use the WoT for those applications with higher needs. It's totally OK if average user just uses software that automatically checks the X.509 cert or OpenPGP signature issued by a certificate authority when they download some wallet software or make a payment to someone. Meanwhile advanced users, and particularly developers, can check all the signatures, WoT, certificate authority, whatever, to be sure they have the right software when they're downloading "clean" copies for their Bitcoin exchange, or making high-value payments.
What really amazes me is how people seem to think this is a binary decision, centralized PKI or WoT. It's not at all! Heck lots of organizations already apply the central certificate authority model with OpenPGP - just looks at all the Linux distributions that have master OpenPGP keys to sign packages. That's a certificate authority, but with OpenPGP technology.
Mike Hearn has been lately going on a bit of a war-path trying to push Bitcoin into a model of blind reliance on singular centralized PKI authorities and frankly it's just nuts. He's even gone as far as to strongly advocate that we don't even support multiple X.509 certs for applications, which would at least require an attacker to compromise more than one certificate authority. This is particularly crazy when at the same time he has advocated that websites, e.g. bitcointalk, reddit, slashdot, etc. sign cryptographic certificates linking usernames to identities. The idea here is if I want to pay "IamTheRealMike" my wallet software could have, say, slashdot's certificate pre-loaded and trusted, and then I'd tell it to give the funds to that username. But why would I do that? I want to pay Mike Hearn. I happen to know he's "IamTheRealMike" on slashdot.org, and "Mike Hearn" on bitcointalk, so obviously if it's a non-trivial sum of money I'd want to be able to check that both sites have stated that they're the same person, and maybe I'll check WoT too, and, say, his countries passport office. It just makes so much sense to give people options like that, but we're rather mysteriously seeing resistance. If anything, I think it's kinda insulting to the professionals in this space, both developers and finance people, to tell them "We're all too stupid to learn about anything more complex than trusting the magic green checkbox". If I was running a big Bitcoin-related business I sure as hell would want more assurance than that; when I'm writing software used by others I sure as hell want more assurance than that.
Anyway, in the OpenPGP world I'm really excited to see KeyBase pop up. It's not perfect - the functionality probably should have been just an add-on to OpenPGP rather than a website - but it's a great step in the right direction of giving flexibility and user-friendlyness to the WoT. It also works great as a local application, so if you choose to you aren't relying on their website/service for the guarantees it provides.