Yeah, I didn't mention TOFU because it's a non-starter if you're trying to get a secure introduction to someone you don't know.
The fundamental problem is that "identity" is problematic. How do you know someone is who they say they are? Perhaps you don't really know who you are. That's why I want a space for a certified identity that isn't tied to a government ID. Like, an instance of some software might claim an ID. Arguably, a domain is an ID. I don't see what's wrong with something or somone having multiple IDs that aren't linkable.
I agree with a lot of that, but arguably the current CA system nearly gives us that thanks to Let's Encrypt. Registering a domain requires some real government identity, but LE doesn't actually care about that. All they do is vouch to a potential visitor that they have verified TLS certificate being presented belongs to the entity that controls the domain the visitor is attempting to connect to. From LE's point of view, they don't care who owns the domain or if the owner of domain A is the same as the owner of domain B...the domain is the identity as far as they're concerned.
My only complaint with Let's Encrypt is that I'm uncomfortable with so much of the Internet trust infrastructure relying on the generosity and good will of a single organization, but it's hard to imagine a better solution to the underlying problem than what they've created (other than perhaps a bunch of competing Let's Encrypts).
The fundamental problem is that "identity" is problematic. How do you know someone is who they say they are? Perhaps you don't really know who you are. That's why I want a space for a certified identity that isn't tied to a government ID. Like, an instance of some software might claim an ID. Arguably, a domain is an ID. I don't see what's wrong with something or somone having multiple IDs that aren't linkable.