[boscillator]

That sounds like you've just made it so your app doesn't work behind a corporate SSL proxy. I really need people to stop rolling there own SSL stores (looking at you python, java and nodejs). I spend way to much of my time getting things running on my work laptop that should just use the CA store IT pre-installed.

[jeroenhd]

Is that a problem? What segment of Google's Apple TV revenue comes from people behind shitty middleboxes?

YouTube won't work on Chromecast if you're trying to MitM it, so clearly Google doesn't think this situation is worth making an exception for in their logic.

[JoshTriplett]

I can't help but wonder if any apps have tried doing TLS-in-TLS, with the outer TLS not caring about MITM, and the inner TLS doing certificate pinning?