That's a chicken-and-egg problem, but it would be solved when there's suddenly a lot of site operators with a vested interest in knowing which CAs are likely to fail and which aren't. Right now there's not a ton of interest. CAs are basically selling a fungible, commodity product, so you just buy from the cheapest ones. Searching for "best SSL certificates" thus gets you a lot of articles reviewing CAs, but largely on the basis of stuff like price and ease of issuance. Because that's what people care about.
There would be a slew of reviews of CAs, judging their perceived odds of vanishing in a puff of paperwork, if there was an interest in issuer stability. CAs themselves could probably offer value-added features like guarantees backed by outside parties (i.e. an insurance product) that would pay costs associated with certificate reissuance in the event of malfeasance or incompetence on the part of the CA.
The market would provide, but there has to be demand. Right now there's no demand, because the consequences of getting a cert from a crap issuer has, historically, been approximately zero.
There would be a slew of reviews of CAs, judging their perceived odds of vanishing in a puff of paperwork, if there was an interest in issuer stability. CAs themselves could probably offer value-added features like guarantees backed by outside parties (i.e. an insurance product) that would pay costs associated with certificate reissuance in the event of malfeasance or incompetence on the part of the CA.
The market would provide, but there has to be demand. Right now there's no demand, because the consequences of getting a cert from a crap issuer has, historically, been approximately zero.