According to multiple sources, Google has decided to simplify our lives again by removing "Secure" identifier in its Chrome browser for HTTPS sites protected, by what it deems, valid certificates.
This development is very unwelcome, as I recall them trying this in one of the earlier iterations of their browser to dismay of many security professionals, when we could not readily lookup certificate data from the address bar.
For instance, in my demo lab environment, I am using HTTPS inspection by the firewall/IPS/AV/Antibot/URL filtering and Application control device. Its certificate is installed in the domain's Trusted Root Certification Authorities. Therefore browser will see it as "Valid" and is presently indicating that the site is secure. But, importantly, it allows me to easily verify if the traffic is being inspected, or if it is allowed by the exceptions in the sites categorization:
HTTPS Inspected and Bypassed Certificate Indicators
Add to this Google's implementation of QUIC protocol, which presently could not be inspected and it's payload analyzed, the unilateral initiative with certificate issuance log validation, and it feels like Google deliberately making the life of security specialists difficult.