I'm not convinced there's a problem with the status quo. For the 90% of people you describe, the SSL certificate dialog box comes down to this:
Your connection to www.bigbank.com is insecure. It's likely that people are trying to steal your money.
Give them my money | Cancel
My parents don't understand X.509 PKI, but they do understand that they care if a connection is secure if and only if they plan to send financial credentials over it. They know - and the computer doesn't - what information they are planning to send. Thus, they are capable of responding to this dialog correctly 100% of the time. Choosing either option for them would be right less than 100% of the time. A complicated voting scheme would be right less than 100% of the time.