[namesbc]

Did he really dismiss the huge benefit of https that my browser is guaranteed to receive the exact content that the site owner sent me, with an idiotic argument that while it prevents Starbucks or Comcast from pwning me, it doesn't prevent the browser. Really?

[twtw]

No. What he said is that Google says that https prevents MITM, but never mentions that they will still be able to do it. I don't see a dismissal, just a criticism of Google.

[armitron]

How many fiascos with CAs do you need, not to mention protocol issues, to stop believing in HTTPS guarantees?