Some people browse with JavaScript disabled, for safety and security. Without a secure context there's zero trust between the client and the endpoint. Web Crypto requires secure context. Your suggestion solves no problems.