HTTPS in the real world
Take a step back and think about these HTTPS concept/infrastructure in real world. Is the private key really that protected? Or it sit in your laptop
right now open to all that NPM malware. Same thing to CA private key. Or we maynot even trust the CA anymore, example Symantec’s CA incident recently.