WebPKI Observatory — Government Risk
Thirty government-operated or state-owned CAs hold root store inclusion but collectively issue only 0.05% of certificates, indicating their trust privileges far exceed their public web presence. These CAs primarily serve domestic government infrastructure and may operate under legal frameworks distinct from commercial operators, including sovereign immunity from certain compliance actions. Their presence in global root stores creates potential jurisdiction and governance conflicts, particularly for CAs incorporated in regions identified as high-risk for compelled disclosure or surveillance.