How would adding additional CAs improve security? By the very nature of the CA trust system, each CA is itself a single-point-of-failure/exploit (though certificate pinning and other measures improve this somewhat).