Fascinating!

If i understand this right Pablo,

this could solve an even bigger problem than a single attack on your entity.

I actually raised my point because there is a growing amount of services like verifications and online clients where you need to log in with your private key to use the service. Meaning that everytime you use a service you share your private key to an external provider outside your reach.

With a second pub key that whitlists your profile and overwrites the old key you could do a refresh and let the private key expire. This would bring the need to log in again to external services but would add the safety feature to make sure that theese services, if get corrupted one day will not mess around with your keys and conquer an army of entities at once.

This would bring much more safety and less headaches to the entire eco system.