I meant what I said: there are 700+ TLDs listed at https://www.iana.org/domains/root/db and the percentage controlled by governments is declining - currently 297 country-code TLDs and a handful of other state controlled domains (including .com). ICANN has been giving out new top-level domains pretty generously and the vast majority of the new ones are non-state domains. Hence, the percentage of state/government controlled TLDs is declining.
No matter what the PKI system is, there will be more and less trustworthy actors around.
I agree that many state controlled TLDs are currently quite popular, but I don't see them as generally less trustworthy than the commercially operated TLDs. Both groups will contain some iffy elements, but I don't know if there's any way to build a system where iffy actors can't play. At least they can only mangle their own domains with DANE. And sounds like DNSSEC should be quite a bit more tamper-evident than our current CA sysetm.
No matter what the PKI system is, there will be more and less trustworthy actors around. I agree that many state controlled TLDs are currently quite popular, but I don't see them as generally less trustworthy than the commercially operated TLDs. Both groups will contain some iffy elements, but I don't know if there's any way to build a system where iffy actors can't play. At least they can only mangle their own domains with DANE. And sounds like DNSSEC should be quite a bit more tamper-evident than our current CA sysetm.