Fair but that’s not what Jonah said. He claimed Cloudflare couldn’t MitM when in fact they can. Then again, what you’re saying now isn’t a rebuttal but an admission of what’s claimed in TFA.
You don’t have to trust Cloudflare to do the right thing (though, they most certainly do). HPKP exists. PrivacyGuides should consider enabling that.