Asking the right questions. :-) This is based on mitmproxy, so upstream certificates should be verified by default. I haven't played around with Chomper, but we have extensive tests for this in mitmproxy.
To be clear, compared to browsers you do loose some advanced mechanisms such as HPKP, Certificate Transparency log enforcement, Extended Validation certs, or revocation checking. I don't want to downplay this, but I would argue that this is not too significant for the average user, whereas mitmproxy is often a substantial improvement over what other non-browser software is doing.
To be clear, compared to browsers you do loose some advanced mechanisms such as HPKP, Certificate Transparency log enforcement, Extended Validation certs, or revocation checking. I don't want to downplay this, but I would argue that this is not too significant for the average user, whereas mitmproxy is often a substantial improvement over what other non-browser software is doing.