[marc3842h]

There are situations where http is wanted, the best example are public WiFi networks. Showing another big warning for non-https sites would scare the users more than it currently does with them visiting a https site the first time they're on a public WiFi.

[ravenstine]

Hold the phone. Public WiFi is where you want your connection to be encrypted at all times. A WiFi login page should be encrypted without scaring the user just because its certificate is self-signed. Beyond that, any connection that is encrypted on public WiFi is better than one with no encryption. I don't care if I'm looking at pictures of dogs and cats; it's not the business of other people on my network to sniff my activity and see exactly what I'm reading, even if they can see my DNS activity. Users aren't in control of whether a site supports HTTPS, thus it's a courtesy, given the ease it takes in implementing HTTPS, that even "innocent" web services do so.

[marc3842h]

I do agree that encryption is especially required on public WiFi networks. But WiFi login pages error because they mitm your current, encrypted connection. Your proposal would additionally add an error in a case where the user especially chose a http site to not receive a error because they're getting mitm-led. I never had any wifi login page that used a self signed certificate.

[RandomInteger4]

Then providers of public wifi need to stop using a MITM to provide wifi access. This is an opportunity for better technology to be developed or implemented or made easier to implement or whatever.