while redirect list from http to https may not seem that bad, its still security practice based on trust of central authority. this central authority may affect following: - non inclusion of site to the list based on political view - central server may be down - central server may collect ip information upon access however, the latter list "malware list" is already being misused. this list is basically based on user reporting. domain names may be flagged as "distributing malware" for whatever reason anyone thinks. web is distributed and web browsers should not rely on any centralized trust based security principles which moves some control of your browser to third party services.