Some things spring to mind... I foresee the G will, in an effort to "increase internet security", plop a new kind of certificates on the general public, beyond EV, which miraculously be supported by G CA and Chrome (and nothing else) from day 0. Hell, if they're audacious enough, they'll limit federated login (do they even still do OpenAuth etc?) to sites having a cert _they_ trust for your page, so no Turktrust, but also no Let'sEncrypt or Deutsche Telekom. Oh, and of course they want to push their transparency logs, which already, going from past reports, can take up to several days to process, because you know who runs enough servers to make sure they dominate those cryptoledgers and get their certs in on the fast lane.
The amount of long game the G plays is scary, better stockpile tin foil.