On 11/15/2013 12:18 PM, Poul-Henning Kamp wrote:

Now that we are going to be going for preventing pervasive surveillance,
I hate to be the one to bring this up, but that is not in any way
shape or form inside the WG charter
This is no surprise.

I am approaching the conclusion that it's impossible, anyway. Given that a government subverts even one CA with a certificate that is honored by the browser, a man-in-the-middle attack that would fool the naive user becomes trivial.