At the moment we are, just like everyone else, vulnerable to malicious certificate authorities issuing fraudulent SSL certificates.
CA pinning is in the works. References:
Not perfect, not only pinning the certificate fingerprint, still depending on two CAs, but at least not on a massive number of them.
Once done, we should apply for it.