>>/19634/
I say this  >>/19635/ for TOR case, but if you mean normal tls used in https pki then there are many attacks
just an example: use your own CA to issue imbersonating certificate for target, since most governments control some CA and normally browser trusts them all equally