> This one. Realistically all those devices are depending on external services already.
This is codifying (IMHO) bad practices and a really brittle architecture. Why would you want this? One of the reasons IoT security is a mess is that devices need to talk to internet endpoints instead of staying inside the NATted, firewalled LAN.
I think the NATed, firewalled LAN is an untenable concept: it blurs the line between private and public, a line that security requires making clear and sharp. If it's connected to a network, it's exposed enough that we should treat it as connected to a public network (which greatly simplifies our threat model); if it's not secure enough for that, it needs to be built as local-only hardware.
The browser will still let you choose. It's just changing the default.
> For example in my home network I have different vlans: one for things I reasonably trust, and one for the Chinese webcams and IoT lightbulbs.
Congratulations, you are the 0.0001%.
> If my router has malware, even if I talk to it over https I'm screwed anyway, I don't think that is something I can fix with https.
Right, but if your lightbulb has malware and your router doesn't yet, then using HTTPS while talking to the router is pretty important.