Re: It's simple
There is a very simple backdoor in SSL/TLS based protocols ...
1) record all IP packets between client and server (see ISP or any vampire tap in an internet exchange DC)
2) request and receive the server certificate's private key (see RIPA)
3) decode encrypted traffic using server private key (see Wireshark etc)
So, not impossible, just mostly unwarranted (pun intended).