http://perspectives-project.org/
The root of the problem is that with the CA model, browsers blindly trust
a group of 600+ corporate and government parties (ref) to validate SSL certificates.
You as a web browser user have little or no choice about who to trust
and essentially no visibility into whether these organizations deserve your trust.
How Perspectives Helps
Perspectives takes a different approach to how the web browser determines if an SSL certificate is valid.
Instead of requiring browser users to trust an anointed group of certificate authorities,
Perspectives gives users the ability to pick a group they trust (e.g., the EFF, Google, their company, their university, their group of friends, etc.) and trust no one else.
I have not read the rest of the text. I doubt them do this for free so it maybe is only for companies and rich people?
But could not Linux as a body of caring people make their own list of trusted such certificates?