by threeseed 4131 days ago
Because the m/billions of users bar a few thousand will have no idea what to make of the warning. I mean I don't even know what constitutes a "normal" CA.

And to be honest who really cares. Countries increasingly are mandating invasive spying through legislation. Arguing over CAs is like rearranging deckchairs on the Titanic.

1 comment

It wouldn't be much different than certificate pinning is today, just a crowdsourced version.

Sure, the CA system should be replaced altogether, but that's going to take quite some time. In the meantime I think the idea I mentioned could be useful to avoid invisible man-in-the-middle attacks by the CAs. It only requires work by the browser developers, while changing from CAs to something else will take a major effort by everyone who's running a part of the web.