As you all know, currently browsing the Web relies on having "Certificate Authorities" sign the website's certificate. If it is not trusted, a big red warning comes up about untrusted certificates and how it could be a MITM attack etc...
I propose a system that is very similar to the Gemini protocol (Orion promised to support Gemini after all!), but for HTTPS: Trust on First Use.
It is exactly what it sounds like: upon loading a web page, the certificate is checked for being valid etc etc. If the only requirement not met is the "signed by CA" requirement, then a new, informative page should be presented, something along the lines of "Do you trust the certificate?" The certificate's details should all be shown by default so you can check that it seems right. You are presented with the option of accept or decline (in case of decline it goes back to previous page).
If you accept the certificate, it will save the certificate's fingerprint and expiration date in some form of local database, and every connection from thereon out must be with that certificate, otherwise the usual "connection insecure" error is displayed. (If the certificate is different and the current time is past the stored expiration date, it is presented with the usual "do you trust" message)
If the certificate is trusted (i.e. signed by trusted CA), the certificate is automatically allowed, but it is still saves in the database. Any connection that is with a swapped certificate will give an error, even if it is signed. This prevents attacks where the attacker has keys of a CA you trust.
