Many of us already trust certificates we shouldn't be.
It's not even this blatant in most cases. About 6 countries have issued certificates for Google, India being one of them. And they all made use of the fact that they were part of the trusted root certificates on our systems.
It's not even this blatant in most cases. About 6 countries have issued certificates for Google, India being one of them. And they all made use of the fact that they were part of the trusted root certificates on our systems.
https://www.quora.com/Why-are-HTTPS-requests-not-cacheable-b...