ǝsuodsǝɹ ǝʇɐuoıʇɹodoɹd

Methinks a proportionate response would be to disallow/distrust Trustwave certs in the Mozilla browser for a period of, say, 6 months. This would hurt Trustwave, but not ruin them. And hopefully set an example that will make other certificate issuers weary of pulling similar stunts.