Yes. The _somehow_ is unfathomably more complex for SMS than it is for certificates. These two ecosystems don't even begin to compare the slightest, whether from technical perspective or from regulatory perspective. Warning by default would be completely pointless until there's a way to also achieve the opposite; a verification and "approval". It would just do more harm, and it would upend a tremendous number of legitimate businesses and use cases.