"a long-term plan to mark all HTTP sites as non-secure"
HTTPS is really, really slow and I'm not a fan of Google's hacks to improve it. How about a long-term plan to make digital signatures work better? Most online content is public so all that matters is delivery integrity.