[lallysingh]

I'm hesitant to relax here. Blue Coat's got a nasty history of making money off of the regimes that'd do this without hesitation:

https://www.newsrecord.co/us-based-internet-surveillance-tec...

[Aoreias]

Sure, but if they started issuing MitM certs ANYWHERE then Symantec would have no choice but to revoke the CA's certificate. It doesn't matter if the CA was functioning for a corrupt regime or a well-intentioned business legitimately MitM'ing employees traffic.

If Symantec didn't revoke the certificate then it would almost certainly lead to their root certificate being untrusted by major browsers and destroy their entire certificate business.

[lallysingh]

Between the time of issue and renovation, a lot of people can get arrested, monitored, or blackmailed.

[glasz]

that's how the beautiful rule of law works. damage done, people killed, complaint rejected, "overruled".