I'm not sure I agree with "edge case disagreement". TLS, for example, has shown it's limits (e.g. CA hijacking) and was improved (e.g. CT). However, someone had to find those edge cases and discover the limitations of stated assertions: "2010 TLS was safe under the assumption that the CAs are not hijacked."
Ok. So, are you saying that we should stop using HTTPS and instead use HTTP? If you are not, what is your point? Is it not under the 100% correct but missing the point label this article is talking about?
Well, you could use HTTP over an IPSec tunnel with a pre-shared key (obviously distributed face-to-face), and that would have been resistant to a CA being hijacked.
However, nowadays, I believe with CT HTTPS is really safe. But again, someone had to nitpick on the security limitations of HTTPS for CT to be invented.
