[forgotmypw17]

I disagree completely. Sometimes backwards compatibility is more important.

There are applications where you want maximum security (e.g. banking) and there are others where it is not only not necessary, but also a hindrance (ART, for example)

[david422]

> not only not necessary, but also a hindrance

It's always necessary. We've learned that with http connections, middlemen can inject adware or other crap into the page. https://www.infoworld.com/article/2925839/code-injection-new...

[Wowfunhappy]

Google, Apple, Microsoft, Raymond Hill, and others also have this ability, even with https, depending on your OS and browser. It all comes down to who you decide to trust.

You've made a judgement call that ISPs are inherently less trustworthy than every other party in the chain, but I don't think you should make that decision for everyone else, particularly given that you don't know what ISP they have.

[forgotmypw17]

With HTTPS connections, compatibility problems or even a clock which is set wrong can keep someone from accessing important information.

Not to mention that you are at the mercy of the SSL authorities.