Solid answer. That actually makes a lot of sense to fight phishing and I can see it becoming a very useful tool once it is perfected thanks to it's open source nature guaranteeing that your server never even sees the private keys.
Thank you for your in depth response and good luck on the project!