I agree with the sentiment, but this part is complete bullshit:

> what is the likelihood of every certificate authority on the Internet having their private keys compromised simultaneously

Who cares? It's not like all CAs would have to be breached, just one. CA certs are not scoped, so the moment one CA gets breached, we're all fucked. CT helps, but AFAIK it's still not enforced everywhere yet