Re: Why would Apple (or anyone else) want to be in the loop?
One possible improvement would be that keys are generated and stored encrypted with another key - the private key of which is sent to a third party. So if Apple's giant DB 'o keys was stolen, the miscreants would also need to steal the third party's giant DB 'o keys as well. This would also prevent rogue elements in a phone OEM from hacking/misusing access to the keys.
Companies like Apple could get out of the business of being the arbiter by giving keys upon request by the third party, and the third party would get the unwelcome job of being the arbiter. You could even have more than one third party - though they'd all have to agree a request is legit but that way you could have one in the US, one in China and one in the EU, for example.
In order to make something like that work the US, EU and China would need to have some sort of treaty to make it all work, which is the genius part of the plan - it would take so long for them to negotiate this all that half of us would be dead by the time we have to worry about this :)