allow the old key for a whitelist of known past titles
Depending on how the whitelist was done, couldn't a softmodder just have his code say, "oh, yeah, I'm [some whitelisted game]. So use the old key for me"?
No. The signature verification starts with a SHA-1 hash of the executable itself. This is what is "signed".
The whitelist would be a list of SHA-1 hashes.
SHA-1 is still secure, in that it's not possible in any reasonable time to work out which few bytes you would add to the end of your homebrew that would transform your homebrew's SHA-1 hash into one of the hashes on the list.
all Sony need to do is to pull their database...
That assumes that such a database exists, which isn't necessarily true. And if Sony is sending that data over the Internet, it's just a matter of poking around the updating code and listening to the network traffic, and then the hackers could have Sony kindly supply them with the factory key of any system they have an identifier for.
Not quite. This is what's called a collusion attack, and we don't know if it's possible with the encryption algorithm Sony used, because we don't know what algorithm they used (yet) - we haven't seen bootldr.
It would be nice to have a plaintext of metldr, but we don't have that - only George Hotz does, and even then I suspect he only has some of it, not all of it.
If Sony pre-encrypt all metldrs handed out, and all console-specific keys were random (i.e. not generated based on the serial number), there's no way to map serial number to console-specific key without Sony's database (presuming it exists).
If we can't work out the encryption used on metldr, and we can't get a plaintext of the updated metldr Sony hands out, then we can't reverse their encryption mechanism and therefore work out the console-specific key for any given console.
So, our only hope is to find out where the console specific key is stored, and to become able to extract it in future. Once we have that, we can encrypt our own metldr, which is easily accessible on the flash chip.
Furthermore, if we try and work out the encryption based on large numbers of requests to Sony's update servers, they potentially could detect us and start serving us phony updates, which would scupper our attempts (and would also entirely brick a PS3 if they mistook a genuine PS3 updating).