Comment by zdw a day ago

The TLS issue mentioned can be more easily conceptualized if you view the root CA lists as "The people you're OK with MITM-ing you".

And then whether your trust in the browser vendor coalition to push back against and punish even accidental CA malfeasance is reasonable.

MrDarcy 18 hours ago

The crux of the issue is reasonable people can disagree on what is OK at a large org.

Security, like every human, believes they’re the good guys.

Platform teams cannot enforce the principle of least privilege.

Truly a paradox.