by nullc 2315 days ago
Massive downvotes but no responses.

Is it because you accept that the security provided by HTTPS is limited but don't like people calling that out?

It's better than nothing. But it is my perspective that, as technical experts, any time we are not absolutely frank about the limitations of the current model against powerful MITM attackers, we are behaving unethically.

There is absolutely no reason for any major state attacker to compromise letsencrypt. Beyond the weaknesses I enumerated above, state actors have their own CAs which are accepted by browsers, and pinning is effectively dead (https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning#Browse...).

What exactly could a state actor hope to accomplish by compromising letsencrypt that they couldn't already do more easily and stealthily?