I understand that http will still be supported but downgraded by both Mozilla's browser and Google search. How about distinguishing websites that are only static content, and websites that have some forms, or dynamic content.

I have a small blog on a home server. Basic HTML and static content and I don't care who views it. I can't get a static IP address.

Some things about this decisions doesn't seem thought out. -who regulates the companies selling certificates? ($5 for a cert seems shady), are cert companies fronts for others entities? -does this really prevent malware? -will self signed certificates get a bit more respect? -how does this stop Lenovo from adding preinstalled malware that circumvents security certificates?