They also advocate for if not enforce HTTPS. Would this be bad if they were also a trusted CA selling signed TLS certs to companies?