[Thorrez]

Are you saying Chrome should block all script includes that don't have hashes? That'll break tons of sites. See "Don't break the web"[1].

Disclosure: I work at Google, but not on Chrome.

[1] https://flbrack.com/posts/2023-02-15-dont-break-the-web/

[LtWorf]

Also expired certificates break a lot of websites… should we disable checking?

[ameliaquining]

Certificate expiration isn't an unanticipated regression. You know when you get a certificate when it will expire.

[hyperdimension]

I don't mean to be pedantic, but not always--see the recent DigiCert delayed revocation issues. I will admit it is rare though and more often than not, you (should) know when your certs are going to expire.

[Thorrez]

Those websites set up the expiring certificate themselves.