I can not see how that argument could possibly follow. For the record, I do not think that Google Mail neither easily could, nor should, switch their domain.
Even if the argument is, and I do not think that it is, that domain validated TLS certificates for the .com top domain are the only CA signatures worth considering, it is important to note that it is comparably more straightforward for the government department in question to seize those domain names if needed.
A domain registry PKI where domain ownership is cryptograhically asserted can never be less secure than the heterogenous global CA directory we have today, in any possible sense, not for domain validated certificates.
Sure it can. The domain registry PKI for Google Mail is literally controlled by the USG. They can compel different names to be given to different people, and there's no CT system to monitor it.
s/PKI// and the sentence still holds true. The argument for CT is good, we still need CT logs no matter which kind of PKI we would like to see. But surely the security of other domains outside of Department of Commerce control are of interest too?
Just substitute "US Government" out for whichever government controls the TLD you're thinking of. You'll be no better off; none of them are more trustworthy than Mozilla and Google are.
(I don't find Mozilla or Google to be especially trustworthy, of course; I simply have absolutely no faith in the reverence government agencies have for the sanctity of the DNS. Something about the way they publicly brag about manipulating it probably has a lot to do with it.)
I think the idea that we should vest more Internet trust into the DNS, the one bit of core Internet infrastructure governments have demonstrated any kind of deftness at manipulating, seems, respectfully, pretty nutty.
Even if the argument is, and I do not think that it is, that domain validated TLS certificates for the .com top domain are the only CA signatures worth considering, it is important to note that it is comparably more straightforward for the government department in question to seize those domain names if needed.
A domain registry PKI where domain ownership is cryptograhically asserted can never be less secure than the heterogenous global CA directory we have today, in any possible sense, not for domain validated certificates.