I'm glad to see the new post by MG on his blog which has been quiet for some time. My RSS feed to his website still does not work. -- Tom
If people used their public key finger print more it might help. For example if I used it as my SIG on my forum posts anyone could compare that with a public key someone claiming to be me sent them. Websites could have a second domain name, their cert fingerprint.com. They could publish both URLs anywhere including their site and on printed literature, business cards etc. The security conscious could use the secure url. A browser addon could easily verify that the site cert matches the fingerprint URL prior to TLS negotiation.