If you go to "mybank.com" and they say "we are mybank.com, trust us, we are who we say we are, here is an encrypted connection, use it to send your bank info", would you proceed? I hope you won't.
Many banks do that when they phone you. They do not present their number and then ask you to answer their security questions (the ones you have to answer when you phone them). They then act surprised if you tell them that, as they called you anonymously, they have to first demonstrate that they are calling from the bank and are not scammers attempting to elicit your security details.
If you were presented with a fingerprint on first connection and mybank published its fingerprint 'out of band' (e.g. having it printed on every paper statement, available (in print) in every branch, etc.) then this would give a much greater level of trust. On the other hand, this only works well with entities with which you already have a relationship, not a "random" web commerce site. Though, with entities such as banks with which you already have a relationship, they could provide their X.509 certificate out of band by giving it to you on a CD, USB stick, etc.
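
The out-of-band fingerprint check described in the last comment, as an added example that is not part of the thread: it compares the certificate a server presents with a fingerprint copied from paper. The function names are hypothetical, SHA-256 is an assumed fingerprint algorithm, and the sample bytes are constructed stand-ins for real certificate DER.

```python
import hashlib
import hmac
import ssl


def cert_fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, as lowercase hex."""
    return hashlib.sha256(der).hexdigest()


def normalize_printed(printed: str) -> str:
    """Reduce a fingerprint typed from paper to bare lowercase hex.

    Accepts colon-, space- or dash-separated groups in either case and
    rejects anything that is not exactly 32 bytes of hex, so a truncated
    or mistyped value fails instead of matching on a prefix.
    """
    digits = "".join(ch for ch in printed if ch not in ": -\n\t").lower()
    if len(digits) != 64 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError("not a SHA-256 fingerprint")
    return digits


def matches_published(der: bytes, printed: str) -> bool:
    """True only if the presented certificate hashes to the printed value."""
    return hmac.compare_digest(cert_fingerprint(der), normalize_printed(printed))


def fetch_presented_cert(host: str, port: int = 443) -> bytes:
    """Fetch whatever certificate the server presents, with no CA validation.

    Needs network access; trust comes only from the fingerprint comparison.
    """
    pem = ssl.get_server_certificate((host, port))
    return ssl.PEM_cert_to_DER_cert(pem)


# Constructed sample data (not real certificates): one "genuine" blob whose
# fingerprint is printed on the statement, and one impostor blob.
SAMPLE_DER = b"constructed stand-in for the bank's certificate DER"
OTHER_DER = b"constructed stand-in for an impostor's certificate DER"
_hex = cert_fingerprint(SAMPLE_DER).upper()
PRINTED = ":".join(_hex[i:i + 2] for i in range(0, 64, 2))

if __name__ == "__main__":
    print("printed on statement:", PRINTED)
    print("genuine matches:", matches_published(SAMPLE_DER, PRINTED))
    print("impostor matches:", matches_published(OTHER_DER, PRINTED))
```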