Bitcoin does this by storing a list of DNS hostnames, run by a set of the maintainers, that return periodically-updated lists of peers.

Previously, it also joined an IRC channel and got the list of hostnames from all of the other users in the channel.

Isn't that just replacing hardcoded IP addresses with hardcoded DNS hostnames? Not much of an improvement.

ah, point taken. i didn't think too hard about this apparently. if they had a host serving a list of trusted DAs, that host would be just as valuable a target.

Any Tor node could be a peer to distributed a signed piece of data.

Yes, but how does one locate a tor node without a directory server?

Maybe like Bittorrent DHT? The client could keep a cache of other known nodes. You could share them on pastebin versus having them b only hard coded. You could preloaded a hundred peer nodes, instead of 9 master nodes. It doesn't strictly eliminate the problem, but it makes it less likely that one or two governments can just shut it all down.

This is kind of how i2p does it. Currently i2p has like 6 "reseed servers" which bootstrap you into finding some other peers. Once you are connected to the network you then can contact "floodfill" servers, which are essentially a distributed form of the directory authorities. Floodfills are autonomously chosen routers on the network, and distribute other nodes to whoever asks.