If your browser and device has a state sponsored CA certificate it’s not trivial to bypass. Transparently all certificate traffic could be intercepted by an ISP. Look at Europe already trying. Once someone malicious (to you) is a trusted certificate issuer you no longer can verify either the destination nor the privacy of the content.
Ssl based vpns are also decrypted. And vpns which use public key for identification would no longer be trusted.
_haha_oh_wow_@sh.itjust.works 1 day ago
If anything like this becomes widespread, you can bet people will figure out all sorts of ways around it and if it becomes problematic enough, they’ll probably just stop using it.