But at any rate, calling the PKI "centralised" vs Bitcoin "decentralised" is kind of amusing, given that there are more root CA's than mining pools.
Do take care there, it's not the right comparison. _Generally_ more CAs == more vulnerable because any CA can author a cert for any domain.
The greater point is that the payment protocol, while it can use x.509 doesn't have security that turns totally brittle even if the CA infrastructure misbehaves.
I'd like to see better support for non-SSL CA stuff, but the options are pretty limited. Doing other things, however, is not mutually exclusive with also supporting x.509.