I do think badges are the perfect solution for this. Verify whatever you want, issued by whomever. One-off pubkeys could also be used to prevent people from correlating badges about a single person. Also, private badges?
i'm quite curious about how to make a keychain for identity, since this can dramatically strengthen the security of the signatures. i never did read up on how xpubs work, maybe i need to look at this soon. i'm working on a keychain right now, and this would be an opportunity to establish a method to do this with nostr.