For LinkedIn to actually verify that a user was an employee of a particular company, they'd at least need to know the e-mail domain associated with every company in the world so that they could use an e-mail address from that domain as proof of affiliation.
I'm not sure how LinkedIn could get that information without having a huge staff of people who verify each new, unique company that shows up in their user base. There are millions of companies in the world, most of them not as well-known as Google or Nike, some of which may not even have a web presence. Even if they're on the web, the domain they use for e-mail may not be the same as the domain of their public web site (I've seen companies with www.xyz.com vs. joe@xyz-corp.com). To add to the confusion, there are completely unrelated companies with very similar names. And companies are born and die every day.
Given the daunting nature of this task, I'm not surprised that LinkedIn doesn't attempt to validate the corporate affiliations of its users.
You say that 'John Smith' was able to connect to you, but you weren't initially able to connect to him. This sounds unsymmetrical, but I'm wondering if it is because you first searched for 'John Smith'. After this, he is allowed to connect to you since both parties would have shown interest in each other. I don't know if this is the case, but it might make sense to implement such a rule.
The unverified adoption of any job title of any company is still a pretty serious issue though.
When I go to set up a company page, it asks me to verify my company email at the same domain that I input for the company page. All these companies have the domain listed. Someone who is saying they are an employee of a particular company surely could varify the same way.
Not all companies issue emails to their employees. Users who are adding old positions may not have access. There are all sorts of headaches the other way around too. You have access to your domain and email because you just created the page but that doesn't mean everyone else will. It's a trade off both ways and there needs to be a better solution than what you're suggesting.
I'm not sure how LinkedIn could get that information without having a huge staff of people who verify each new, unique company that shows up in their user base. There are millions of companies in the world, most of them not as well-known as Google or Nike, some of which may not even have a web presence. Even if they're on the web, the domain they use for e-mail may not be the same as the domain of their public web site (I've seen companies with www.xyz.com vs. joe@xyz-corp.com). To add to the confusion, there are completely unrelated companies with very similar names. And companies are born and die every day.
Given the daunting nature of this task, I'm not surprised that LinkedIn doesn't attempt to validate the corporate affiliations of its users.