It bears saying of course that the TLS system has some weaknesses, some of them possibly unavoidable.
An important example: the system depends upon users paying close attention to the content in the url bar. At first glance, you may not immediately spot the differnence between, say:
amazon.com and arnazon.com.
TLS encryption is not intended to be an endorsement of the business practices the website engages in.
A second (possibly obvious) weakness - TLS encryption is difficult but not impossible to crack. Certainly, say, a government with a team of programmers would have little problem, for example, cracking GoDaddy’s private key and thereby spoofing any website of they want.