by vtlynch
3895 days ago
No, that is not the entire point of a CA. The insurance that the big commercial CAs offer now is a farce. No end user has actually received the money, for two reasons: 1. breaches that qualify are often written off by the underwriter as "gross negligence" or other such behavior, which basically allows them to nullify the contracts and pay nothing; 2. situations where the breach could be covered by the terms of the insurance are incredibly rare. Most situations where SSL compromise is at risk would not be covered. The insurance only helps you if the CA causes you damages through their own actions. In one of the most famous cases, the breach of the CA DigiNotar, the underwriter said that DigiNotar misrepresented themselves and invalidated all their policies.