Communitivity | 1 year ago
Or, in the words of the NSA, "Trust, but verify".
I agree that HTTPS is bad though, as it is used. We only do one-sided TLS, not mutual. Most people don't verify the server's cert by looking at it. Most apps don't encrypt messages before they go over TLS. In a more secure world a proxy with stateful packet inspection would not be possible.
As is often the case, the problem isn't technical (or at least not mainly technical). Employers, governments, and ISPs want proxies that inspect traffic, either for CYA or to increase budgets by increasing situational awareness. For governments, situational awareness increases wins by enabling them to catch people they deem bad actors. For employers and governments, increased SA means a decreased chance of leaks and people not doing what they're supposed to do with their time. For ISPs, it means they can monitor the traffic and restrict certain things (like video streaming, or running a server from home) to increase profit.
I can think of at least one potential solution. Still, it requires a technically savvy public, a patient public, and money: Open Source phones in everyone's hands, circles of trust, distributed freenet with data passed E2E encrypted via gossip protocol when two phones get near enough for Bluetooth data transmission (figure 50m roughly) where both phones are within some N degrees of separation via circles of trust. However, this means getting/sending data is asynchronous with long delays and no guarantees.