The original conmment was about "unknown third parties". I'm not advocating handing over your ssh keys to anyone but if you did, at least this would be a third party you consciously chose to trust. The crap load of CA's you implicitly trust on the other hand... Do you even know the names of 10 out of about 200 of them embedded in your browser?

EDIT: Case in point.. did you know the name WoSign before they became notorious? https://docs.google.com/document/d/1C6BlmbeQfn4a9zydVi2UvjBG...