0x6a61: most browsers support integrity (hashes, not signatures)

My use case is a little bit different. I'd like to have a countermeasure against a compromised web server (in contrast to compromised CDN for which SRI was designed). The difference is, that the attacker is able to alter HTML files and therefore the SRI attributes.