Certificate Transparency is to detect compromised or malicious CAs, and typically only lets people know about problems after the fact. How would OCSP help with a self-signed certificate? What CA would the OSCP request go to? And cert pinning only works if you've visited the site before while not being MitMed.
A lot of these extensions to TLS help secure popular sites like Google, but they don't scale to the many small-but-important sites such as your local credit union. Instead of adding so much complexity, it's much easier and safer to keep current behavior and warn on self-signed certs.
A lot of these extensions to TLS help secure popular sites like Google, but they don't scale to the many small-but-important sites such as your local credit union. Instead of adding so much complexity, it's much easier and safer to keep current behavior and warn on self-signed certs.