The method you've described for determining trustworthiness is worthless with self-signed certificates that you haven't already verified out of band (or chosen to trust the local signing CA for the cert) or in cases where the chain of trust for a certificate has been compromised. The people operating the shop on East Street could be honest merchants, and without being able to fully trust the PKI chain that verifies exactly who you're speaking to, a man in the middle could silently intercept (and potentially modify in transit) every byte of your communications with the East Street shop. After you've transmitted your credit card number, billing address, shipping address, etc, the MITM could simply log that data for later use.
A well known tactic of skimming/carding operations (both online and at brick and mortar stores) is to capture cardholder data and sit on it for a few weeks or months, then sell a large batch of such data to other criminals. Months down the road, unless you've used a unique card number everywhere you've shopped, you're going to have an extremely hard time determining where the compromise originated, and all the while the East Street merchant did nothing wrong.
You should care very much whether or not the web shop I'm connecting to is on East Street or West Street, and you should do your best to research merchants before transacting business with them. The usefulness of "web of trust" models is best realized under circumstances where groups of people with an interest in transacting such business communicate with one another regarding the trustworthiness of those they wish to do business with, along with those responsible for ensuring the cryptographic integrity of such communications.