about all the error messages from badly configured servers that warned me that the certificate was for a different domain
But I could get a different certificate for google.com (does tls without https use CAs?)
You *could* get a different certificate for google.com, but browsers would never trust it
Обсуждают сегодня