Yep, same here.
On topic, Google, I appreciate the focus on security, but stop deciding to simply implement however YOU THINK the web should be working. Ok, technically, it's just a change in the browser, but the semantics are obviously meant to "encourage" everyone to switch to HTTPS. However a good idea some of us think that is, it's not up to you.
This is why people are getting freaked out about the power you hold. You're starting to demonstrate that you're not afraid to *use* that influence to simply push things to work however you want them to. You've already done that once already by pushing forward an SSL-related change far ahead of when it really needed to be, and now it looks like you're floating a trial balloon to go one step further.
Am I overreacting here? Or is Google going too far, too fast with this?
They are most certainly going to far.
Last week, with the latest update of Chrome, they started putting a yellow warning triangle on any cert with SHA1 encryption. While SHA1 should be avoided, they are issuing what is basically a big "FUCK YOU" type warning. There were a number of CAs that didn't provide an option for anything else up until last year, so basically Google is forcing site owners to pony up for a new cert ahead of cycle, or do the paperwork to re-issue a cert and then re deploy it.
Likewise, Chrome is now bitching about lack of "public audit records" that have barely begun to be deployed with CAs, Let alone something that every certificate and domain have yet.
The changes mentioned in the article are not the first attempt at screwing with the function of the symbols in the address bar.
That little lock is one of the FEW things that end users have properly picked up on as part of security, now Google is undermining that. Instead of getting certs to "their standards" (who the fuck voted them boss on this?) they are going to end up teaching users what happens up there doesn't matter.
For a long time, people feared the Internet turned into something only the sanctioned big players could play in, assuming it would be media producers, TV networks, large telcos and internet providers.
Instead, we have Google doing it. If they succeed, the "little guy web site" is going to disappear from the internet.
My response is going to be "Chrome doesn't work right anymore, switch to Internet Explorer" Not going to bother complying to a standard that is unreasonable and unwanted at this time. Sure, in the FUTURE, however rushing shit through in a few months is pant-on-head retarded and extremely arrogant at the same time.