
There are several problems with this idea. The first is that of scale - the list of companies along with their associated products and proven-correct official web site(s) would be a nightmare to maintain. I would not trust it to be accurate just because of the scale. One possible solution would be for the company registration with government to include a list of web sites, but then you have the problem of merging company registers from multiple countries, and trusting government. Secondly, allowing volunteers to provide updates to this list allows an attack vector. Thirdly, it is trying to solve a problem that doesn't exist.

It's still best and simplest for a certificate to be tied to a domain, not a company. The last several years have shown that attaching a certificate to a company is ignored by users and doesn't add any security. Attaching a certificate to a domain is something that can be done with a high level of security and assurance, but attaching it to a company (or product) cannot be as securely done, and is information that is less useful.


