> ... they still need to MITM the connection ... and there has been no evidence of it happening
Because the parent you're replying to seems to be talking about any/all governments rather than just the UK, and I'm guessing your statement here was 'scoped' to the UK only - I think it's important to point out that this absolutely HAS happened on multiple occasions outside of the UK.
Only one of those links, the Iranian one, dated 12 years ago, is about a case where there was MITM with a bogus but valid certificate. The Chinese and Syrian cases are just straight MITM, a somewhat knowledgeable teenager could do that, and to the extent it'd work you should focus on things that's solve for the "knowledgeable teenager" case not the "What if state actors with unlimited resources target me?" case.
Twelve years ago is a different era, no Blessed Methods, no Certificate Transparency, pinning was new, which is why they got caught.
Twelve years ago is a different era, no Blessed Methods, no Certificate Transparency, pinning was new, which is why they got caught.