For CAs that'd likely get them kicked out of browser trust stores if someone detects it. And if it becomes known that a corporation pushes government-malware updates then that corporation would lose trust too.
So playing that card means moving the entire planet into a lower-trust equilibrium where everyone has to defend against that.
In a better-coordinated world the conclusion from that would be "let's not do that", alas on this Earth TLAs have shown that they're willing to burn the commons, forcing a response like RFC 7258.
So playing that card means moving the entire planet into a lower-trust equilibrium where everyone has to defend against that. In a better-coordinated world the conclusion from that would be "let's not do that", alas on this Earth TLAs have shown that they're willing to burn the commons, forcing a response like RFC 7258.