It's reasonable to suppose that the NSA have a whole bunch of private signing keys for a whole bunch of CAs, and will just MITM anyone they please regardless of our puny efforts.
I'm not sure that's a safe assumption and, regardless, an active MITM attack is a much bigger deal than passively collecting traffic as it flows past you in the clear.