[bpatrianakos]

A speaker icon isn't making a judgement as to whether that sound is good or bad. Turning no-ssl into a warning is like having the browser judge you for being poor or cheap or incompetent. Not having HTTPS does not mean that you are insecure, it means the site isn't encrypted. There's a difference. Whether the lack of SSL makes you vulnerable to shenanigans depends on a lot of factors having nothing to do with SSL encryption and everything to do with the site content and what one may gain from snooping on your request or manipulating the response. Sometimes there's nothing to gain there.

[alexhill]

Some sites are in theory fine without encryption or an alert. Others are definitely not. The problem is that the browser (software) can't possibly know the difference, especially because the sites that "should" be encrypted is a matter of circumstance and varies from user to user. Some might say that the user should know the difference, but I think we can reasonably call that a huge cop-out.

So in order to show an alert whenever sites that should be encrypted aren't, you just have to show an alert all the time. The SSL everywhere movement and Let's Encrypt are about making encryption easy enough for sites like yours that it's practical to do that.

Basically, your site being encrypted, even if it doesn't specifically need to be, helps to improve security of the web as a whole.