We should. We won't.
A system built around certificate authorities is broken by design. Self-signed certs are much more secure than anything stamped by a CA.
And can we start using client certs, please? I should be able to walk into my bank and hand them a unique cert that they attach to my account and use for verification. Additionally, I should be able to request a unique cert on their end that they use only for my account so I can do my own verification.
Since this is all self-signed shit, it can be easily automated.
For revocation, all either party has to do is stop using/trusting the cert. No one can regenerate the bank's unique cert that I trust because there is no authority with that power. No one can regenerate mine. If the bank wants to issue a new cert, I have to go in and get the new cert and trust it. You can dumb down your trust if you want - the bank could mail you the cert, mail you a letter saying it's going to be changed, post the thumbprint of the cert on their site, to their support phone line, whatever. If I want to issue a new cert, I have to get them to trust me in a similar fashion.
Doing it this way is more work, but you have ACTUAL trust, negotiated equally by both parties. You can choose convenience over security if you want, but you're not subject to some government/CA MITMing everything on a whim.