> You obviously don't actually understand CAs. Thawte, at the very least,
Cor.. you are in a bad mood today ;)
> check that your certificate from Companies House is valid, they correlate
> this against the data you put in, and the whois lookup. They have also
All of which is public information. Everything you have mentioned so far
can be circumvented.
> spent money and effort into making sure that the the key distributed with
> the browsers is, in fact, theirs. That, and the actual management of the
> *real* root key.
And what happens when their key is comprimised?