Warranty protects the end user if the SSL issuer (RapidSSL, Geotrust or Verisign) mis-issue a certificate.