I haven't been following this thread, but is cacert.org certs wide spread enough without users having to add certs (import)? There should be folks locally that could sign and you could become a certifier close by. Just a thought.