There is... and it is long since been filled, have a look at http://www.cacert.org/.
Not filled. No more than partially addressed.
Last time I looked into their offering I couldn't get more
than 6mths, was physically located absolutely nowhere
near anybody with any transferable trust, still had to
explain to my mystified customers why they were being
'forced' to accept a root trust (beforehand) and still had
scary messages with which to contend. It still costs to
get transparent 'trust', the sort everyone expects
nowadays in commercial/ecommerce situations.
Then there's the knotty issue of only one cert per SME
with respect to (open or commercial) certs. And Cacert
had great trouble with servername.mydomain.com and
plain old mydomain.com that was preferable for the site.
So "filled"... no, not yet.
[PostEdit: amended 'SSL' to 'cert']