HTTPS does not validate the trustworthiness of a site. Never has and never will. It only validates that the site has not been tampered with during transfer. Phishing sites can also have HTTPS, that doesn't make them trustworthy.