Sorry for the delay.
Yes, a trustworthy ISP with good competition from other ISPs is a good place to manage this.
This does not require breaking HTTPS.
Here's the idea:
1>A person uses their ISP to browse example.com
2>example.com makes the person an offer - remove ads for 50 cents/month.
3>The person clicks a button to indicate interest
4>Clicking the button submits a industry-standardised 'quote' document to the URL https://open.payment./ (1)
5>Now this is where the ISP magic comes in. The DNS name 'open.payment' does not resolve to the same IP address all across the world. In fact, each ISP participating in the payment scheme resolves 'open.payment' to its own server. The ISP accepts the quote document on behalf of the account using example.com and enqueus the quote in its customer account portal. (2)
6>The resultant page is served up by the customer's ISP. It gives the person the option to login to their ISP's portal and approve the quote. To defeat phising attempts, a sign-in seal is used (3)
7>The account holder (who may be different from the person who initiated the quote) authenticates to the ISP's portal.
8>The account holder reviews and accepts the 'quote'. This turns the quote into a valid 'order'.
9>The ISP immediately transmits the order to example.com, which acknowledges it. This order may include information to complete user account setup.
10>The ISP now owes 50 cents to example.com as the first month's payment. This may be paid to a designated account, or consolidated with other payments and remitted later to a clearing-house type of institution.
11>The initial person browsing example.com should immediately be able to start using example.com without ads.
12> (Complex scenarios) Usage by the account holder's entire household may be supported (without forcing users to log in)
For instance, suppose the ISP detects new connections originating from this customer account are accessing example.com. The ISP can then send a new 'permit'
document to example.com, specifying the source IP, port and timestamp of the new connection and quoting the previous order.
If the person's ISP does not support this scheme, they could use one of many virtual ISP that do, by VPN-tunnelling into them.
The ideas is built on plenty of previous precendent.
Precedents and previous work:
(1) Idea credit: Ariba cXML punchout carts. Like SAP OCI, these protocols return a quotation document to the originating user's system.
(2) Idea credit: Netgear routerlogin.net. Netgear Inc owns this domain. Netgear routers grab and reroute web requests to this address over to the local router's web-browser interface. That is, Netgear routers resolve the DNS lookup 'routerlogin.net' to the local router IP address (e.g. 192.168.1.1).
(3) Idea credit: Yahoo sign-in seal. This is a graphic pre-selected by the user to personalize their sign-in. It serves as a visual cue to help users confirm they are on the legitimate ISP page and not a phishing site.