You can't MITM an SSL session with validly CA-signed certs unless you've pwnd the CA, web server or end user's machine. And I don't know what you're going on about with regarding "no real cert validation". If it's valid, it will be validated. There's nothing wrong with it when it's done right.