Hacker News

Forcing the use of TLS for SPDY seems to have been intentionally crippling.



Why should a new protocol offer the option to operate insecurely?

Nothing stops a proxy from handling SPDY, if the client trusts it to do so and doesn't mind getting MITMed.


Transparent caching is part of what makes HTTP so great. Security is relative; you can authenticate content without encrypting it, if there is nothing sensitive about the content.

The authentication can happen external to the HTTP or SPDY transaction as well.


> you can authenticate content without encrypting it

True, but insecure HTTP provides neither authentication nor encryption.

> if there is nothing sensitive about the content.

Encrypting only sensitive content leaks information to observers and attackers, namely when you transmit sensitive content, and which servers you connect to when you do so. Encrypting all content eliminates that information leak.



