I think you might be describing DANE: DNS-based Authentication of Named Entities - Wikipedia
It is proposed in RFC 6698 as a way to authenticate TLS client and server entities without a certificate authority (CA).
The major stumbling block with DANE is getting browsers to adopt it. Also, some people really don't like that it relies on DNSSEC. As @rg305 points out, you have to use something to make sure that the DNS records are authenticated.