The first level, in other words, is less of a certification than a PGP key with self-signature and signature from one other person. It doesn't have _any_ effort to verify that the email address stated on it is the actual email address of that nym. Or am I misinterpreting you?
All the first level cert means, and nothing more, is "The name associated with this key is unique among the first level keys certified by Verisign." No effort is made to 'verify' the name. If you register your pseudonym with all of the high-profile CA's that allow it, before you first use the nym, it becomes much harder to spoof your nym's key. Assuming, of course, that it is customary for nym's to get their keys certified and for people to check them. Bill Stewart, I believe, informally operates a CA that will sign unique nyms keys. andrew