Two things...
Proxies are a thing, and stripping the Expect-CT header is trivial.
Any CA can generate a valid SSL cert for any domain.
Two things...
Proxies are a thing, and stripping the Expect-CT header is trivial.
Any CA can generate a valid SSL cert for any domain.