cross-posted from: https://lemmy.world/post/3301227
Chrome will be experimenting with defaulting to https:// if the site supports it, even when an http:// link is used and will warn about downloads from insecure sources for “high-risk files” (example given is an exe). They’re also planning on enabling it by default for Incognito Mode and “sites that Chrome knows you typically access over HTTPS”.
Is there a secure option that uses all the features minus the 3rd party certificate parts?
No, they were working on a solution a while ago, where a website would list what CA it used so you couldn’t get a random CA to issue a cert, but that effort was abandoned iirc.