China, GitHub and the man-in-the-middle (Greatfire)

Well SSH style key pinning is scalable but is dependent on the first interaction being clean, which may not be the case in a network with pervasive SSL proxying. Pre-loaded key lists, assuming they haven't been tampered with, can flag for major sites that can be listed but in both cases most users are just going to click through any warnings to get to where they want to go.

The benefit is that the one user who actually pays attention can trivially demonstrate that the MITM is going on and sound the alarm.