
This problem was solved in the mid 2010s by Certificate Transparency. Every issued certificate that browsers trust must be logged to a public append-only certificate transparency log. As a result, you can scan the logs to see if any certs were issued for your domain for keys that you don't control (and many tools and companies exist to do this).
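An added illustration of the monitoring this comment describes, written for this page and not taken from the thread or from any CT tool: a scan over log entries for names under a domain, flagging certificates whose public key is not one the owner holds, plus the RFC 6962 Merkle hashing and inclusion-proof check that lets an auditor confirm an entry really sits under the log's tree head. The entry layout, the fingerprints and the leaf serialisation are constructed stand-ins (real logs use the MerkleTreeLeaf structure and signed tree heads); the hashing rules follow RFC 6962 / RFC 9162.

```python
"""Constructed example: monitoring a CT log for a domain.

1. RFC 6962 Merkle tree hashing, inclusion proofs and their verification.
2. A monitor that flags certs for a domain whose key the owner does not hold.
Entries at the bottom are constructed sample data, not real CT records.
"""
import hashlib
from dataclasses import dataclass


# --- 1. RFC 6962 Merkle tree -------------------------------------------------

def leaf_hash(data: bytes) -> bytes:
    """Leaf hash: SHA-256 over a 0x00 domain-separation prefix plus the leaf."""
    return hashlib.sha256(b"\x00" + data).digest()


def node_hash(left: bytes, right: bytes) -> bytes:
    """Interior node hash: SHA-256 over a 0x01 prefix plus both children."""
    return hashlib.sha256(b"\x01" + left + right).digest()


def _split(n: int) -> int:
    """Largest power of two strictly less than n (the RFC 6962 split point)."""
    k = 1
    while k * 2 < n:
        k *= 2
    return k


def tree_head(leaves: list) -> bytes:
    """Merkle Tree Hash over an ordered list of leaf inputs."""
    n = len(leaves)
    if n == 0:
        return hashlib.sha256(b"").digest()
    if n == 1:
        return leaf_hash(leaves[0])
    k = _split(n)
    return node_hash(tree_head(leaves[:k]), tree_head(leaves[k:]))


def inclusion_proof(leaves: list, m: int) -> list:
    """Audit path for leaf index m, nearest sibling first (RFC 6962 s2.1.1)."""
    n = len(leaves)
    if n <= 1:
        return []
    k = _split(n)
    if m < k:
        return inclusion_proof(leaves[:k], m) + [tree_head(leaves[k:])]
    return inclusion_proof(leaves[k:], m - k) + [tree_head(leaves[:k])]


def verify_inclusion(leaf: bytes, index: int, size: int, path: list, root: bytes) -> bool:
    """Recompute the root from a leaf and its audit path (RFC 9162 s2.1.3.2)."""
    if index >= size:
        return False
    fn, sn, r = index, size - 1, leaf_hash(leaf)
    for p in path:
        if sn == 0:
            return False
        if fn & 1 or fn == sn:          # p is a left sibling
            r = node_hash(p, r)
            while fn and not fn & 1:    # skip levels with no right sibling
                fn >>= 1
                sn >>= 1
        else:                           # p is a right sibling
            r = node_hash(r, p)
        fn >>= 1
        sn >>= 1
    return sn == 0 and r == root


# --- 2. Domain monitor -------------------------------------------------------

@dataclass
class LogEntry:
    index: int
    names: tuple        # dNSNames of the logged certificate
    spki_sha256: str    # hex fingerprint of the subject public key
    issuer: str

    def leaf_bytes(self) -> bytes:
        """Constructed stand-in serialisation for the MerkleTreeLeaf structure."""
        return f"{','.join(self.names)}|{self.spki_sha256}|{self.issuer}".encode()


def name_covers(name: str, domain: str) -> bool:
    """True if a certificate name (wildcards included) is the domain or under it."""
    name, domain = name.lower().rstrip("."), domain.lower().rstrip(".")
    base = name[2:] if name.startswith("*.") else name
    return base == domain or base.endswith("." + domain)


def scan(entries: list, domain: str, known_spki: set) -> list:
    """Entries naming `domain` whose key fingerprint is not in the owner's allowlist."""
    return [e for e in entries
            if any(name_covers(n, domain) for n in e.names)
            and e.spki_sha256 not in known_spki]


# Constructed sample log content (fingerprints and issuers are made up).
OUR_KEYS = {"aa11" * 16, "bb22" * 16}
ENTRIES = [
    LogEntry(0, ("example.com", "www.example.com"), "aa11" * 16, "Example CA"),
    LogEntry(1, ("mail.example.com",), "bb22" * 16, "Example CA"),
    LogEntry(2, ("shop.example.org",), "cc33" * 16, "Other CA"),
    LogEntry(3, ("*.example.com",), "dd44" * 16, "Other CA"),   # key we do not hold
    LogEntry(4, ("notexample.com",), "ee55" * 16, "Other CA"),  # unrelated domain
]
LEAVES = [e.leaf_bytes() for e in ENTRIES]
ROOT = tree_head(LEAVES)

if __name__ == "__main__":
    for e in scan(ENTRIES, "example.com", OUR_KEYS):
        ok = verify_inclusion(e.leaf_bytes(), e.index, len(LEAVES),
                              inclusion_proof(LEAVES, e.index), ROOT)
        print(f"unexpected cert at index {e.index}: {e.names} "
              f"issuer={e.issuer} inclusion_proof_valid={ok}")
```

Running it reports only index 3, the wildcard certificate issued under a key the domain owner does not hold; `notexample.com` is not flagged because the suffix match requires a dot boundary. Against a real log the inclusion proof would be fetched from the log and checked against a signed tree head whose signing key is pinned in the client, which is what makes the check independent of the connection to the log.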


How do you connect to the log provider? Can't that connection be compromised too? It seems like something that browsers would not keep internally.


I wouldn’t consider it “solved” because most organizations and people don’t actually check the log.

And a malicious actor can abuse this fact.


Having Chrome/Firefox asynchronously check the CT log 0.1% of the time would probably be enough to solve that.

CT logging is mandatory, and even a single missing cert is probably going to be an existential threat to any CA.

The fact that someone is checking is already enough of a deterrent to prevent large-scale attacks. And if you're worried about spearphishing-via-MitM, you should probably stick to Tor.


How will you establish a connection to the CT log server? Seems like you need a separate way to handle that.

