There is no need for blockchains to address the issue of compromised private keys. In the context of credentials, this could be solved with endorsements. Of course, if the idea of a credential is that of a mummified object, like a parchment, then a blockchain is probably a good enough solution. Alternatively, if credentials are treated like lively social objects that are being used, enriched through experience and endorsed, i.e. digital records trusted by many other entities and supported by many current pieces of evidence, then we have the foundations for a mechanism against fraud: in order to have any credibility, a credential created with a compromised key would be very easily be singled out as being not referenced by other entities in the network. Of course, it would be the same for a legitimate credential not connected to any other entity, but, what value could we assert to a credential that has not been enacted or ignored in the real world? Who could trust a doctor that is not trusted (endorsed) by peers and/or patients?
Transferred in the human world, the argument of ‘security’ offered by the blockchain (“rewriting the entire blockchain” to defeat the system) is: in order to create a valuable credential created with a compromised key, the beneficiary would have to create something akin to what in the world of espionage is called a legend: s/he would need to create fake endorsements from fake entities, something that would easily be spotted by a not too sophisticated network analysis—unless the creator of the fake credential had been able to compromise many other private keys from potentially credible endorsers (then again something that could be spotted by a not too sophisticated network analysis!).
This being said, there is probably some value in exploiting blockchain technologies, but only at the periphery, not at the centre of a credentials architecture. Blockchains are straightjackets and people must be free to break from the chains of conformity and conformance.
Why should we need to be enchained to be trusted?
Why should we need to be enchained to be trusted? A humanistic trust infrastructure should consider that its basic components are the people, not a technology nor an algorithm. We are the infrastructure! We have the power to trust—and distrust— and technology should remain ancillary to this power, not transform us into the servants of a technology.