"If Comodo knowingly misissues a Google Mail certificate, Google will nuke them from orbit" - tptacek
If Verisign knowingly missuses .com root certificate, Google could nuke them from orbit by making it public. That is the whole purpose of certificate logs. Verisign operate on trust and they are also certificate authority.
The damage to Verisign if they lost their status as certificate authority and as a trusted company would create so much fallout I am doubtful that ICANN and DNS would be left without major scars.
I don't think you've thought this through all the way.
That's not at all what "nuke from orbit" means. Google broke Thawte and Verisign. They didn't simply "make it public". Thank you for clarifying this; I could have been clearer. I think the distinction between what's possible in CT and DANE is much more obvious now.
If Verisign knowingly missuses .com root certificate, Google could nuke them from orbit by making it public. That is the whole purpose of certificate logs. Verisign operate on trust and they are also certificate authority.
The damage to Verisign if they lost their status as certificate authority and as a trusted company would create so much fallout I am doubtful that ICANN and DNS would be left without major scars.
I don't think you've thought this through all the way.