It's hard to switch to a more secure method later on if you start with a less secure one. So, "upgrading" to PKI from something else only makes sense if that previous system was secure enough - but then why would you want to change?
If the delegation information expires, which it should to ensure that it still is current, then it should not be so hard to upgrade the security of the system. As for why, that's so that people will actually start using the system instead of fretting about who holds the keys to it all. Similarly, this should all be about OSS systems, and not touch any routers or BGP processes at all. It is up to the individual ISP to decide how they want to use the information and how and when they want to push it into their BGP speaking routers.

--Michael Dillon