2 contradictory thoughts occurred to me: A) What if proxy certs had a "Made at <X>" stamp on them (does anybody do this now?) Would this help?
This has been discussed before, and that kind of stamp would be useless unless it came from some trusted party (i.e., not the user) that "vets" the key pair: its associated owner, its location (maybe), its level of protection, and so on. Having such a beast around would allow us to short-circuit and circumvent a lot of the problems, so rather than using it as a patch to the patch to the original problem, it would allow for completely new usage scenarios.
But all we can do is stamp the public key, not the private key. We can't tell if a private key has migrated somewhere we don't want it to be.
Arguably, you don't really care about the location: you care about the protection. Key server A may securely transfer it to key server B for redundancy purposes, a key on a smart card moves around as the user moves around, and so on. And, as discussed above, you cannot argue about protection level unless the assertion is made from someone that "manages" the private key and which is somehow labelled "trusted", e.g. a MyProxy server or a smart card.[*]

/Olle

[*] "Managed credential stores" is a phrase that we use in an EGEE context for this kind of stuff -- see e.g. section 4.3 in DJRA3.3: https://edms.cern.ch/file/602183/1.3/EGEE-JRA3-TEC-602183-DJRA3.3-1.2.pdf