Sorry, that should be the browser's local environment, not just the browser itself. An obvious example is sslstrip: https://moxie.org/software/sslstrip/
Right. Which would still work if all HTTP connections were replaced by HTTPS with self-signed certs, as you proposed. sslstrip, which must have MITM control to do that downgrade, would just terminate the connection and re-encrypt it with its own cert.
Which is why PKI HTTPS everywhere is the reasonable solution.
Of course. That happens.
Right. Nothing can protect you if you deliberately undermine it.
Loading static resources from other domains is very common. Especially ad networks.
Right, and SRI is certainly useful, but you still need PKI HTTPS on every site to bootstrap it. And since the only reason to avoid HTTPS is to avoid the encryption penalty, automatically generated self-signed certificates wouldn't be used anyway.
> Which require a cert signed by a CA already in the client's machine.
Of course. That happens.
> If you don't have HTTPS, how can you be sure that the SRI hash wasn't tampered with?
Loading static resources from other domains is very common. Especially ad networks.
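As an added example (not from this thread), the Python below shows the bootstrapping problem with SRI that the replies above argue about: it computes an `integrity` attribute for a script, verifies a fetched body against it the way a browser does, and models the two cases, an authenticated page versus a page delivered over plain HTTP. The CDN URL and script bodies are constructed.

```python
import base64
import hashlib

def sri_integrity(content: bytes, algo: str = "sha384") -> str:
    """Return an SRI integrity value ('sha384-<base64 digest>') for a resource body."""
    digest = hashlib.new(algo, content).digest()
    return f"{algo}-{base64.b64encode(digest).decode('ascii')}"

def sri_verify(content: bytes, integrity: str) -> bool:
    """Check a fetched body against an integrity attribute, as a browser would."""
    algo, _, expected = integrity.partition("-")
    if algo not in ("sha256", "sha384", "sha512"):
        return False  # SRI only allows the SHA-2 family
    digest = hashlib.new(algo, content).digest()
    return base64.b64encode(digest).decode("ascii") == expected

# Constructed sample: the script the site publishes, and a modified copy.
GENUINE_SCRIPT = b"console.log('hello from the CDN');\n"
TAMPERED_SCRIPT = b"console.log('hello from the CDN');fetch('/cookies');\n"

def page_html(integrity: str) -> str:
    """Constructed HTML referencing the script with its integrity attribute."""
    return (f'<script src="https://cdn.example/app.js" '
            f'integrity="{integrity}" crossorigin="anonymous"></script>')

def scenario(html_tampered: bool) -> bool:
    """Model what SRI can and cannot catch; returns whether the check passes.

    With an authenticated page (HTTPS), only the script body can be swapped
    in transit, so the hash mismatch is detected and the check fails. If the
    page itself travels over plain HTTP, the integrity attribute can be
    rewritten to match the modified script and the check passes, which is
    why SRI needs HTTPS on the embedding page to mean anything."""
    integrity = sri_integrity(GENUINE_SCRIPT)
    if html_tampered:
        integrity = sri_integrity(TAMPERED_SCRIPT)  # page rewritten along with the script
    html = page_html(integrity)
    served_integrity = html.split('integrity="')[1].split('"')[0]
    return sri_verify(TAMPERED_SCRIPT, served_integrity)
```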