
I recall folks on HN and elsewhere claim static websites don't need https.


I've held that opinion and I was wrong.


I still hold that opinion, though reduced to situations where there are other ways than full-blown TLS to get authenticity.

Due to a lack of options for putting signing pubkeys into DNS or something like that, this requires the loaded page itself to be delivered over TLS. Bulk content can rely on subresource integrity, but may need a fallback on TLS to successfully load the content in the presence of MITM. This fallback can likely be done via a small script, either inline or also served via TLS.
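A sketch of the integrity-check-then-fall-back-to-TLS loading described in the comment above, as an added example that is not part of the thread. The URLs, the injected `fetchBytes` function and the sample bytes are constructed, and the loader runs in Node rather than in a browser.

```javascript
const crypto = require('crypto');

// Build an SRI value ("sha384-<base64 digest>") for known-good bytes.
function sriFor(bytes, alg = 'sha384') {
  return `${alg}-${crypto.createHash(alg).update(bytes).digest('base64')}`;
}

// Check bytes against an integrity attribute. As in SRI, only tokens using the
// strongest listed algorithm count, and any one of them matching is enough.
const STRENGTH = { sha256: 1, sha384: 2, sha512: 3 };
function sriMatches(bytes, integrity) {
  const tokens = integrity.trim().split(/\s+/)
    .map(t => { const i = t.indexOf('-'); return { alg: t.slice(0, i), digest: t.slice(i + 1) }; })
    .filter(t => STRENGTH[t.alg]);
  if (tokens.length === 0) return false; // this sketch fails closed on an unusable attribute
  const best = Math.max(...tokens.map(t => STRENGTH[t.alg]));
  return tokens.filter(t => STRENGTH[t.alg] === best).some(t => {
    const actual = crypto.createHash(t.alg).update(bytes).digest();
    const expected = Buffer.from(t.digest, 'base64');
    return expected.length === actual.length && crypto.timingSafeEqual(actual, expected);
  });
}

// Try sources in order (plaintext mirror first, TLS origin last) and accept the
// first body matching the integrity value that came with the TLS-served page.
function loadWithFallback(sources, integrity, fetchBytes) {
  for (const url of sources) {
    const body = fetchBytes(url);
    if (body && sriMatches(body, integrity)) return { url, body };
  }
  throw new Error('no source produced content matching the integrity value');
}

// Constructed scenario: the plaintext copy is modified in transit, the TLS copy is not.
function demo() {
  const good = Buffer.from('console.log("bulk asset v1");');
  const network = {
    'http://mirror.example/app.js': Buffer.from('console.log("tampered in transit");'),
    'https://origin.example/app.js': good,
  };
  return loadWithFallback(Object.keys(network), sriFor(good), url => network[url]);
}
```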


> Due to a lack of options for putting signing pubkeys into DNS or something like that

Yes, and there is https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Na... for that! We just need the community to adopt it, and move away from the mess of a system CAs are.


No, that's for putting TLS pubkeys into DNS.

I'm complaining about a lack of support for signing keys. Think IPFS's IPNS (though that goes a bit beyond just signing keys, as it includes DHT-based retrieval with just the key (and notably lacking an address)).



