
Tor software has the public keys of Tor directory authorities built-in. But it needs to trust those directory authorities to provide true up-to-date information about the network (Tor clients download the public keys for all the relays which are currently online and are deemed to be OK by the authorities, from the authorities (or their mirrors - everything is signed by dirauth keys.)) If the dir authorities are compromised, Tor clients are screwed.

You have to start trusting someone in a web of trust (or wherever). Just because you can do smart end-to-end encrypted communication with all the relays / with everyone you want to, someone has to guarantee that you're not being MitM'd (during e.g. DH key exchange). At least that's my understanding anyway.




What about namecoin?


Sorry, haven't looked into namecoin. But I would presume that as long as you already know the domain name, no MitM can happen, and no explicit trust has to be placed onto anyone. This is true for, e.g., Tor hidden services, wherein if one knows the .onion name, they'll know if messages coming from that service are actually from that service, because they'll be signed by an ephemeral key that is itself signed by a key the fingerprint of which is the .onion name itself. (This is a gross oversimplification, and I could have made a mistake anyway.)

If a similar scheme is true for namecoin addresses, then the situation is better indeed.
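
The name-to-key binding described in the comment above, as an added example that is not part of the thread or of Tor's own code. It covers only the check that a presented identity key is the one a known .onion name commits to (v2: truncated SHA-1 fingerprint of the DER-encoded RSA key; v3: the Ed25519 key embedded in the name with a SHA3-256 checksum); the signature chain from identity key to ephemeral key is not shown, and the sample keys and function names are constructed for illustration.

```python
import base64
import hashlib

def v2_name(der_rsa_pubkey: bytes) -> str:
    """Legacy v2 label: base32 of the first 80 bits of SHA-1 over the DER-encoded key."""
    digest = hashlib.sha1(der_rsa_pubkey).digest()
    return base64.b32encode(digest[:10]).decode().lower()

def v3_name(ed25519_pubkey: bytes) -> str:
    """v3 label: base32(pubkey || checksum || version), with version = 0x03."""
    if len(ed25519_pubkey) != 32:
        raise ValueError("Ed25519 public keys are 32 bytes")
    version = b"\x03"
    checksum = hashlib.sha3_256(b".onion checksum" + ed25519_pubkey + version).digest()[:2]
    return base64.b32encode(ed25519_pubkey + checksum + version).decode().lower()

def key_matches_name(name: str, presented_key: bytes) -> bool:
    """True only if presented_key is the identity key that the .onion name commits to."""
    label = name.strip().lower()
    if label.endswith(".onion"):
        label = label[: -len(".onion")]
    if len(label) == 16:                                # v2: name is a fingerprint of the key
        return label == v2_name(presented_key)
    if len(label) == 56 and len(presented_key) == 32:   # v3: name contains the key itself
        return label == v3_name(presented_key)
    return False                                        # unknown format or wrong key size

# Constructed sample inputs (not real service keys).
SAMPLE_DER_KEY = b"constructed stand-in for a DER-encoded RSA public key"
SAMPLE_ED_KEY = bytes(range(32))
OTHER_ED_KEY = bytes(range(1, 33))

if __name__ == "__main__":
    name = v3_name(SAMPLE_ED_KEY) + ".onion"
    # A client that already knows `name` accepts the right key and rejects a substituted one.
    print(name, key_matches_name(name, SAMPLE_ED_KEY), key_matches_name(name, OTHER_ED_KEY))
```

A substituted key fails the comparison without any directory or certificate authority being consulted, which is why knowing the name in advance is the whole trust anchor.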




