by subway 3178 days ago
A blockchain seems like a very reasonable way to provide a distributed immutable log of actions that take place within a PKI infrastructure. It even adds the ability for 3rd party auditors to participate in the system in a real-time manner.

You might even extend it, so that instead of it being PKI with a blockchain transport, it is something more akin to Kerberos with a blockchain transport -- every attempt, successful or not, to access a resource could be immutably logged, and access could be granted by the targeted resource only once the authorization message has been committed to the blockchain (and therefore approved by auditors).

1 comments

Cert Transparency is an effort on that front: https://www.certificate-transparency.org/faq, and it works without a blockchain.

Cert Transparency depends on our benevolent lord Google to maintain the integrity of the log. Using a blockchain pushes that trust model out such that it's distributed across multiple actors.

There's nothing wrong with CT -- it's a great step in the right direction. There's also nothing wrong with exploring distributed immutable logging.
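
The commit-before-grant idea from the top post, sketched as an added example that is not part of the thread: a single-process hash chain stands in for the shared ledger, so consensus and auditor approval are not modeled. `AuditLog`, `grant_access`, `verify_chain` and the record fields are assumed names.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed anchor value for the first link

def entry_hash(prev_hash, record):
    """Hash of a record bound to the hash of the entry before it."""
    payload = json.dumps(record, sort_keys=True).encode()
    return hashlib.sha256(prev_hash.encode() + payload).hexdigest()

class AuditLog:
    """Append-only hash chain (hypothetical stand-in for the ledger)."""
    def __init__(self):
        self.entries = []  # list of (record, hash) pairs

    def append(self, record):
        prev = self.entries[-1][1] if self.entries else GENESIS
        digest = entry_hash(prev, record)
        self.entries.append((record, digest))
        return digest

def verify_chain(entries):
    """Auditor check: index of the first entry whose link fails, or -1."""
    prev = GENESIS
    for i, (record, digest) in enumerate(entries):
        if entry_hash(prev, record) != digest:
            return i
        prev = digest
    return -1

def grant_access(log, principal, resource):
    """Resource-side check: grant only if a matching 'authorize' record
    is already committed and the whole chain still verifies."""
    if verify_chain(log.entries) != -1:
        return False  # log integrity is broken, so trust nothing in it
    committed = any(
        r.get("action") == "authorize"
        and r.get("principal") == principal
        and r.get("resource") == resource
        for r, _ in log.entries
    )
    # Every attempt is logged, whether or not it succeeds.
    log.append({"action": "access", "principal": principal,
                "resource": resource, "granted": committed})
    return committed
```
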