@Smooth Newt - But what I really object to is having to use poor protocols and being made vulnerable to downgrade attacks because the server operator doesn't believe that data protection is a priority.
So have it flag them as insecure protocols.
Have a "score" by the adress bar that rates security from 0-10, where 0 and 10 are green (i.e. "current best practice HTTPS or HTTP) is fine. Have scary warning pages, and limit access to anything 0<x<5 to RFC1918 adrewsses only...