A National Security Letter will not prevent the certificate authority from being blacklisted when detected, and there are at least some legal precedents for warrants (though not necessarily for NSLs) that could challenge a warrant if complying with it would effectively destroy the business (given that the business itself is not the subject of the warrant). If that isn't the definition of an "unreasonable burden", nothing is.
"A National Security Letter will not prevent the certificate authority from being blacklisted "
Sure it will, just send another NSL to the blacklisting instance.
And I do not understand that going to jail instantly is a smaller burden for you than living with the small risk getting caught.
Do you really believe the NSA or any of those other patriots do not have a few of the private keys for the certificates you trust?
> Sure it will, just send another NSL to the blacklisting instance.
Instances, plural, including both browsers and various cross-check mechanisms (pinning, certificate transparency, etc). Likely too many people required for operational security.
Not saying it couldn't be done, but it certainly couldn't be done lightly or often, and even then it would produce significant risk of exposure. It certainly couldn't be effectively used for widespread traffic interception.
> And I do not understand that going to jail instantly is a smaller burden for you than living with the small risk getting caught.
As mentioned, there exists legal precedent that a warrant/subpoena for information from a third party can't compel that third-party to provide arbitrarily large amounts of aid or to impose an undue burden. Findings of "undue burden" have been upheld for burdens far smaller than "this has a risk of destroying the entire business".
