have spent years chatting with Tim over Lasagne at Tortellas on Thursdays.
Tim initially sought to defend the nascent web from monolithic FUD-spreading 'embracers & extinguishers' - and he did an amazing job. Now, however, a million-strong 'security' army has quietly subverted everything on the web, in 13 different ways for every ten that you can guess! It is almost - but not quite - beyond repair.
We know some of the ways out of the problem, e.g. the new "Trust" model for the near-future internet has the usual problem that key personalities on the standards committees are biased by their covert employers to avoid at all costs things like PERFECT FORWARD SECRECY and numerous other real steps forward. The eventual suggestions from our standards organisations are often slightly poisoned.
One of these subtly poisoned steps is the idea to improve the CA/Browser "trust" by implementing "Certificate Transparency", an idea that means you'll need to personally check a ZILLION certificate logs to try and spot an MITM, allegedly.
http://blog.okturtles.com/2014/09/the-trouble-with-certificate-transparency/ has a good overview.
I think asking questions (trust, but verify the responses) is one of the ways out, and a UK Digital Bill of Rights could certainly help. CESG could even help write a bill that maintains the proportional level of national security that they seek. Put that in my dossier that you are compiling, guys/gals!
It's not like our web/phone meta-data is being used to bomb children anyway?