Hands-On Penetration Testing on Windows

Removing the need for a certificate – HTTP downgrading

There's a common thread in the previous historical musings: people develop deeply ingrained habits, and only an electronic slap in the face makes them stop and verify that everything is working as expected. SSL certificate shenanigans are a thing of the past, because the browser's warning screen is exactly that slap. So, what if we simply removed the need for the certificate? The victim's side of the conversation would fall back to HTTP instead of HTTPS, and the address bar would show that. But if the browser isn't expecting a secured site, it isn't going to display any alerts, and a user who isn't paying attention to clues more subtle than a giant red warning screen may just continue browsing. Enter the SSL strip technique, also known as HTTP downgrading.

I know what the hacker in you is thinking: I thought SSL strip was dead, thanks to HTTP Strict Transport Security (HSTS). Very astute of you, and you're mostly right. What the bypass does for us is essentially add a layer of visible quirkiness that we hope the user won't notice; trust me, it's worth testing whether the user does. So, what does HSTS do to HTTP downgrading as an attack, and what are we going to do as a bypass?
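To make the two halves of this concrete, here is an added Python model of both sides: the stripping proxy described above (talks HTTPS to the real server, hands the victim a plain-HTTP copy with every https:// link rewritten and the Strict-Transport-Security header dropped, and re-upgrades the victim's clicks on the way back), and the browser's HSTS cache that defeats it. This is illustration code written for this page, not the book's tooling; the class names `StripProxy` and `HstsCache`, the host `bank.example` and the sample response are all constructed for the example.

```python
# Added illustration of SSL strip and the HSTS check that defeats it.
# Not code from the book; StripProxy, HstsCache, bank.example and the
# sample server response below are constructed for this example.
import re
from urllib.parse import urlsplit

# Matches an https:// scheme plus host inside a link or a Location header.
HTTPS_HOST = re.compile(r'https://([A-Za-z0-9.-]+)')


class StripProxy:
    """Man-in-the-middle that speaks HTTPS upstream and plain HTTP to the victim."""

    def __init__(self):
        # Hosts whose links we downgraded, so the victim's http:// requests
        # can be mapped back to the real https:// origin.
        self.downgraded = set()

    def _rewrite(self, match):
        host = match.group(1).lower()
        self.downgraded.add(host)
        return 'http://' + host

    def strip_response(self, headers, body):
        """Return the response the victim sees: no STS header, no https:// links."""
        out = {}
        for name, value in headers.items():
            if name.lower() == 'strict-transport-security':
                continue  # would make the browser pin HTTPS for this host
            if name.lower() == 'location':
                value = HTTPS_HOST.sub(self._rewrite, value)  # redirects too
            out[name] = value
        return out, HTTPS_HOST.sub(self._rewrite, body)

    def upstream_url(self, victim_url):
        """Map the victim's plain-HTTP request back to the real HTTPS URL."""
        parts = urlsplit(victim_url)
        if parts.scheme == 'http' and parts.hostname in self.downgraded:
            return 'https://' + victim_url[len('http://'):]
        return victim_url


class HstsCache:
    """The part of the browser that remembers Strict-Transport-Security policies."""

    def __init__(self, preload=()):
        # Hosts with a policy: from the built-in preload list or an earlier HTTPS visit.
        self.hosts = {h.lower() for h in preload}

    def observe(self, host, headers, secure):
        """Record an STS header. Browsers ignore it unless it arrived over valid HTTPS."""
        if not secure:
            return
        for name, value in headers.items():
            if name.lower() != 'strict-transport-security':
                continue
            m = re.search(r'max-age=(\d+)', value)
            if m and int(m.group(1)) > 0:
                self.hosts.add(host.lower())
            elif m:
                self.hosts.discard(host.lower())  # max-age=0 clears the policy

    def navigate(self, url):
        """URL the browser actually sends: http:// is upgraded before it leaves the machine."""
        parts = urlsplit(url)
        if parts.scheme == 'http' and (parts.hostname or '').lower() in self.hosts:
            return 'https://' + url[len('http://'):]
        return url


# Constructed sample: what the real server sends the proxy over HTTPS.
SERVER_HEADERS = {
    'Content-Type': 'text/html',
    'Strict-Transport-Security': 'max-age=31536000; includeSubDomains',
    'Location': 'https://bank.example/login',
}
SERVER_BODY = ('<a href="https://bank.example/login">Log in</a> '
               '<img src="https://cdn.bank.example/logo.png">')


def demo():
    proxy = StripProxy()
    headers, body = proxy.strip_response(SERVER_HEADERS, SERVER_BODY)
    # First-visit browser with no policy: its http:// request lands on the proxy.
    fresh = HstsCache()
    fresh.observe('bank.example', headers, secure=False)  # stripped copy over HTTP is ignored anyway
    # Browser that already holds a policy (preload list or earlier HTTPS visit) never sends http://.
    seasoned = HstsCache(preload=['bank.example'])
    return {
        'victim_body': body,
        'sts_survived': any(k.lower() == 'strict-transport-security' for k in headers),
        'fresh_request': fresh.navigate('http://bank.example/login'),
        'seasoned_request': seasoned.navigate('http://bank.example/login'),
        'proxy_fetches': proxy.upstream_url('http://bank.example/login'),
    }


if __name__ == '__main__':
    for key, value in demo().items():
        print(f'{key}: {value}')
```

Running `demo()` shows the whole story in one place: the victim's copy of the page carries only http:// links and no STS header, a first-time visitor's browser dutifully requests `http://bank.example/login` (which the proxy quietly fetches over HTTPS), but a browser that already holds a policy for the host rewrites that same request to https:// before it ever reaches the wire, so there is nothing for the proxy to strip. That cached or preloaded policy is the obstacle the next section's bypass has to work around.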