In reply to Phill Hallam-Baker.
Thank you for your comment and for your contributions to the development of the web PKI. We do feel this is a fundamental flaw in the trust the certificate authorities place in the routing infrastructure. Domain validated certificates inherently rely on demonstrating control of web services that are validated through the network. BGP attacks that manipulate network routing can directly interfere with this validation process.
As indicated in your comment, we also agree that improvements are needed across many different layers including the PKI and routing infrastructure. More rigorous validation processes like multiple vantage point validation and improved routing security can substantially reduce the damage and viability of attacks like this. We plan to cover some of these topics in a followup blog post that we are currently working on.