Wow... this is the most serious TLS issue I've seen since following these things.

It's bad, but the WebPKI of the oughts featured CA certificates issued to random big enterprise IT teams that could simply issue arbitrary certificates. We've come a long ways.