Some companies use monkey-in-the-middle techniques to decrypt HTTPS traffic and log it.
They do this by installing their own private certificates on your work machine.
An example is Bluecoat proxy:
“… unparalleled feature set includes user authentication, web filtering, data loss prevention, encrypted traffic visibility, content caching, stream-splitting and more…”
Say I log into my gdrive account at work. If I look at site certificate I find my connection is encrypted with a private key issued by a BluecoatProxy - not google trust services!!!
Can a Brave browser warn us of corporate spying?
Can it detect unusual certificates being used?
Can it allow us to register certificates we dont trust?
Can it block pages using unwanted certificates?
Can it allow us to select what installed certificates we trust?