@clusterfcku @0xF21D @BuckRogers1965
Most governments have their own CA. Maybe not officially, but then via e.g. the telephone monopoly or similar.

And browsers just trust all of them.

Which is why I for years have considered the http encryption to be more secure than https. At least the "rot-zero" of http doesn't give a false sense of security