That makes sense. I'm much less interested in the phenomenon of CF-as-global-TLS-MITM than I am in how responsible they are being with the position they've accrued, and handling vulnerabilities like this is a big part of that. So the fact that CF is in a spat with Google is a big deal to me, but I understand that's not the case for everyone.