If it is not easy, it won't get adopted, and if it does not get adopted, what is the point? Ease of use and security need to go hand in hand. We pretty much have to trust 3rd parties. Our computer components, operating system, browser, applications are made by 3rd parties. I am all for a better mechanism than CA for authentication, but this needs to be convenient. Distributing directly between 2 parties is not convenient. Allowing identities (public keys) to be managed and audited by public trusted 3rd parties is a great idea, as long as it is distributed and open, so you can go to multiple trusted 3rd parties and get independent validation and audit history of identities.