There are ~40 governments trusted to sign certificates by major operating systems.. For them, HTTPS is trivial to MitM unless you're pinning certs

@SimpleX Chat uses self signed certificates

Awesome

Won't the certificate headers still be visible to peeping toms?