Thawte revokes personal email certificates - oh yes, I still remember the silly discussions that Verisign and Thawte as central signature authorities were much more trustworthy than the grassroots web-of-trust with PGP at that time. Funny, PGP (and now gpg) keys still work and will continue to work. And since a real web-of-trust was established there, it doesn't matter if a server in the gpg signature chain is shut down. But of course, the commercial certificates are much better ...