>I am saying that neither the security of telnet nor the security of SSH ... is sufficient for people to do online banking or shopping
Nobody claimed it was. Stop making things up.
>Not so. ... In the CA model, as long as both certs were signed by a trusted CA, the user gets no warning in the safe case, and a warning in the unsafe case (because the attacker can't get a CA-signed cert for the domain).
I think I understand what you mean by this now, and it's really the same as the next point.
>If you don't really care that Joe Public gets MITMed
I was very upset to read this, and nearly responded in a very inflammatory manner, but fortunately I gave myself time to cool off.
It appears that you have deliberately and in bad faith removed the important part of that sentence in order to change its meaning entirely. In fact your entire argument against anyone who disagrees with you seems to be based around the use of ridiculous straw men, so I see that there is no point in attempting rational discourse with you.