HTTPS is not secure when we talk about China it is false sense of security! Last case 7days ago: http://www.theregister.co.uk/2015/03/24/google_ssl_cnnic/

That's fairly off topic - I mentioned that HTTPS is somewhat irrelevant here since Baidu is located in China, and anyway a forged certificate could not be used in a mass attack like this one since the issuing CA would come to the attention of browser vendors rather quickly. For the record, hopefully Google's upcoming Certificate Transparency feature in Chrome will help address the general issue, although who knows what kind of adoption it will have in practice.

http://tirania.org/blog/archive/2014/Nov-12.html here is what Miguel of Xamarin has to say

the old one was great the new one looks even better

;) you know such nation?