WebPKI Observatory — Government Risk
Twenty-three government-operated or state-owned certificate authorities hold positions in browser trust stores, though they collectively issue just 0.05% of publicly trusted certificates. These CAs represent sovereign nations' insistence on maintaining independent cryptographic infrastructure despite minimal market presence. Their continued inclusion reflects political considerations beyond pure risk-based trust decisions, as removing a national CA creates diplomatic tension even when issuance volume suggests negligible user impact.