To some extent I feel like the concern over the compromised CA's is really missing the elephant in the room: Even with perfect CA security, the HTTPS security model fails to provide effective security in the real world.
First: It's not widely used. Because of the extra software and layer-8 complexity people simply don't bother to use it. Some complexity is unavoidable for authentication, but HTTPS as deployed provides all or nothing security: You don't get ephemeral encryption which makes eavesdropping harder and detectable and which could be provided without any administrative burden unless you also swallow the full authentication pill. (in practice: self-signed certs throw warnings at users which hardly provides any security, but provides enough FUD to make them mostly useless, instead the browsers could just completely hide that such pages are encrypted but they don't)
The lack of ubiquitous mandatory HTTPS makes downgrading attacks utterly trivial: "Oh no, my victim is using SSL! Oh wait, thats no problem, I'll block port 443 and they'll switch to http because its not unusual for HTTPS to fail to work".
HSTS is a good improvement on this particular fault, but even though it is trivially activated practically no sites support it and it creates its own complicated failure modes and still suffers from an inability to securely initialize it.
The authentication model is also failure prone. Certificates expire frequently and users routinely encounter certificate errors even on big name high profile sites. Browser vendors have tried to combat the resulting blind clicking by making the process more burdensome (three clicks in firefox, IIRC) but increasing the burden of the task simply makes the inattentional blindness more potent.
I had recent experience with this: Some teammate linked to an IETF page in chat, and the IETF had an expired certificate. I managed to click through the warnings without ever realizing they were there, only noticing it when other people in the chat commented. None of us reported the expired cert perhaps we were all just MITMed with an old cert, we'll never know because the HTTPS model simply doesn't work.
Despite its faults and the huge number of supported CA's, SSL is also costly: The smaller number of public CA's that are supported by a broader set of browsers charge a lot, especially for the wildcard certificates which are needed to support subdomains. This further discourages usage.
Even when the CAs are functioning normally their validation process is a joke: usually it requires nothing more than responding to an email sent to a domain name administrative contact, or a file with a particular name placed on the site (and served via unauthenticated HTTP) in many cases neither are significant barriers to anyone with a fax machine or a little luck at guessing password. Yet making it better would only increase the already high costs.
Furthermore, in the almost universally used without-PFS mode SSL certificates stored on a server are incredibly valuable to attackers: Capturing a sites certificate not only allows you to _undetectably_ impersonate the site for the duration of the cert (or until its revoked), but it allows an attacker to decrypt all communications with that server _prior_ to the exploitation which they may have captured. So, as deployed SSL does little to discourage the creation of billion dollar ubiquitous surveillance systems, as even when its used its easily defeated ex-post-facto!
Moreover, often your your browser talking to an intermediary "application service provider" rather than to the true far end of your communication. E.g. when you send an email on facebook the other end of your communication is your friend facebook is just a middle-man no different from your ISP. In this very common model HTTPS offers nothing in the way of end to end security, it simply moves the vulnerability point around. In the same way we don't consider our local WiFi WPA adequate to secure our internet traffic, we shouldn't consider HTTPS adequate.
I could continue, but I think these points are enough to establish that the compromise any of many vulnerability of the CA mode is just one problem out of a great many.
People looking at the "SSL problem" would do to expand their analysis to beyond the CA insecurity. Systems like OTR (within its narrow problem domain) and Tcpcrypt (covering layers below authentication) provide security properties which are much more aligned with the practical needs of the internet than what HTTPS provides.