[hasker]

Yes, but that would be likely detected, and the CA that had its private key stolen or coerced for government use would be exposed nonrepudiatably. All browser makers would immediately drop the bad certificate. In the case of targeted connections, this may avoid detection though.

[4ad]

You seem to be unaware that businesses (and governments) can legitimately buy keys that allow MITMing SSL connection or they could just be a CA themselves (no problem for China).

It is annoying that people downvote you instead of explaining your error in your assumption about SSL.

[hasker]

Yes, but then that bogus certificate is in the wild. Once once someone has a copy of a bogus certificate, then they can prove that that CA is corrupt. That CA loses its business model. What I am saying does not prevent one-off attacks, but all it takes is one person to capture a bad certificate to discredit a CA. Hence it would not work in a universal censorship scheme as Google is combating. Maybe I am still overlooking something, and I suppose China could just SSL proxy the whole country, which would defeat all of this.

[4ad]

You are very confused about how SSL in the context of HTTP works. Here's the best talk I know of this subject:

BlackHat USA 2011: SSL And The Future Of Authenticity: http://www.youtube.com/watch?v=Z7Wl2FW2TcA