Thanks for checking the clients and responding to my question.

Aren't the SSL issuing authorities and domain registrars also an opportunity for MITM attacks?