An offshore company that is trusted by the major web browsers and other tech companies to vouch for the legitimacy of websites has connections to contractors for U.S. intelligence agencies and law enforcement, according to security researchers, documents and interviews. https://www.washingtonpost.com/tech...or-internet-addresses-government-connections/
I'm not going to lie, I have never understood how root certificates exactly work and how they can be a threat. I always assumed that if they are trusted by the browser, then it's all good.
Web browsers drop mysterious company with ties to U.S. military contractor. In the meantime I've un-trusted it myself.