Meanwhile, in cryptography engineering circles, I recall the general sentiment as being "at least they stripped all the weird attempted cryptography out of it, so it's just same-origin/TLS security now".