[pavon]

The post states that any new features including something as simple as a CSS property will now require a secure context, regardless of whether the new feature exposes more security risk or not. This is a marked departure from the declarative markup vs imperative scripts distinction that you make, or any other risk analysis which has guided which features require a secure context in the past. It doesn't distinguish between simple web pages and web applications. Instead it is a blanket policy that if you don't encrypt, you will not be able to use any modern web standards, period.

[ilikethiscmnt]

Correct me here if I'm wrong but the linked article actually uses the example of a new CSS property as an instance of something that would _not_ require a security context.

[Ajedi32]

No. It says a new CSS color keyword would not require a secure context, but that a new CSS property likely would.