Nah, you've simply never lived in a country which is afraid of its own population and does (or tried to) MITM internet traffic. Mine does both, there was a scandal several years ago:

https://news.ycombinator.com/item?id=20472179

I'll take enforced HTTPS for absolutely everything, thank you very much. Preferably with certificate pinning and similar aggressive measures to thwart any attempts to repeat this.

reply
Changing the links and doing nothing else would be a pretty dumb MITM. You could do a more complex variant which is not so easy to spot (targeting specific networks, injecting malware whilst modifying the checksum).

The key property of SSL that is useful for tamper resistance is that it’s hard to do silently. A random ASN doing a hijack will cause an observable BGP event and is theoretically preventable via RPKI. If your ISP or similar does it, you can still detect it with CT logs.

Even the issuance is a little better, because LE will test from multiple vantage points. This doesn’t protect against an ISP interception, but it’s better than no protection.

reply
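
The CT-log detection mentioned in the comment above, as an added example that is not part of the thread: it audits Certificate Transparency search results for a domain against the operator's own issuance records. The records are constructed and only borrow crt.sh-style field names; `example.org`, the serials and the issuer names are assumptions.

```python
import re

# Constructed records using crt.sh-style field names (not real certificates).
CT_ENTRIES = [
    {"id": 1001, "issuer_name": "C=US, O=Let's Encrypt, CN=R3",
     "name_value": "example.org\nwww.example.org", "serial_number": "03AA01"},
    {"id": 1002, "issuer_name": "C=US, O=Let's Encrypt, CN=R3",  # same cert, logged twice
     "name_value": "example.org\nwww.example.org", "serial_number": "03aa01"},
    {"id": 1003, "issuer_name": "C=XX, O=Example Interception CA, CN=Root",
     "name_value": "example.org", "serial_number": "7f00"},
    {"id": 1004, "issuer_name": "C=US, O=Let's Encrypt, CN=R3",
     "name_value": "*.example.org", "serial_number": "04bb02"},
    {"id": 1005, "issuer_name": "C=XX, O=Example Interception CA, CN=Root",
     "name_value": "notexample.org", "serial_number": "7f01"},
]
KNOWN_SERIALS = {"03aa01"}           # assumption: serials our ACME client recorded
ALLOWED_ISSUERS = {"Let's Encrypt"}  # assumption: the CAs we authorise, e.g. via CAA

def issuer_org(issuer_name):
    """Extract the O= attribute from an issuer DN string, quoted or not."""
    m = re.search(r'\bO=(?:"([^"]+)"|([^,]+))', issuer_name)
    return (m.group(1) or m.group(2)).strip() if m else "(none)"

def covers(name, domain):
    """True if a SAN entry is the domain, a subdomain of it, or a wildcard for it."""
    name = name.strip().lower().removeprefix("*.")
    return name == domain or name.endswith("." + domain)

def audit(entries, domain, known_serials, allowed_issuers):
    """Return (log entry id, reason) for certificates we cannot account for."""
    findings, seen = [], set()
    for e in entries:
        if not any(covers(n, domain) for n in e["name_value"].split("\n")):
            continue  # certificate is for an unrelated name
        serial = e["serial_number"].lower()
        if (e["issuer_name"], serial) in seen:
            continue  # precertificate and final certificate share a serial
        seen.add((e["issuer_name"], serial))
        org = issuer_org(e["issuer_name"])
        if org not in allowed_issuers:
            findings.append((e["id"], "unexpected issuer: " + org))
        elif serial not in known_serials:
            findings.append((e["id"], "serial not in our issuance records"))
    return findings

if __name__ == "__main__":
    for cert_id, reason in audit(CT_ENTRIES, "example.org", KNOWN_SERIALS, ALLOWED_ISSUERS):
        print(cert_id, reason)
```
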
People will argue with you because your initial quoted sentence is chock full of fallacies.

* Caddy's complexity (especially when it comes to TLS) is not arbitrary, it's to meet the needs of auto-renewal and ... y'know, hosting sites on TLS.

* Caddy's SDLC is not, as far as I understand it, especially rapid.

* Implying that "military grade" is some level of encryption beyond the minimum level of encryption you would ever want to use is silly.

* The Manjaro website is not "the equivalent of a poster", and in fact hosts operating system downloads. Operating system integrity is kinda important.

You may have reasonable arguments for sites that are display only, do not out-link, and do not provide downloads, but this is not one of those circumstances.

reply