[PeterisP]

While there are ways to compromise CA's (e.g. like you say, by nation-states for their intelligence goals), it is important to think about the appropriate risk profile.

For a NatWest customer accessing their internetbank, the expected, quite frequently observed risk comes from organized phishing teams pulling off mass semi-automated scams. For an attacker that, getting a certificate signed by a fake CA is unrealistic, and the concerns that you list aren't going to change anything since they're not going to do that anyway. On the other hand, getting a misleading certificate signed by a real CA and passing it off as the real thing is entirely feasible by this type of attacker, so fixing that is important.

Nation-state hacking, censorship and advanced persistent threats aren't what's causing the most damage/problems to most people on the internet right now, the multitude of random criminals is the largest issue. If you have to worry about a CA "compromised by nation-states through legal coercion", then this by itself means that you have a very different risk profile than pretty much everyone else; and the risk-reducing activities that make sense for you shouldn't be expected to be relevant for others and vice versa.