Comment by benlivengood

You have to validate from the other direction. Let CCD sensors sign their outputs, and digital photo-editing produce a chain of custody with further signatures.

Maybe zero knowledge proofs could provide anonymity, or a simple solution is to ship the same keys in every camera model, or let them use anonymous sim-style cards with N-month certificate validity. Not everyone needs to prove the veracity of their photos, but make it cheap enough and most people probably will by default.