Well for starters, you could have active disabling of old keys. Not passive, where they just go away on such and such a date. Firefox 66.0.4 could have a set of keys it trusts. Those stay trusted forever, as long as that’s the version installed. In other words, if I don’t update, my browser and all addons I have installed stay working, forever, even if the mozilla foundation were to cease to exist.
When a new browser version comes out, then you can update what addons are trusted. And I have the choice whether to update or not.