My point is that verifying that the content doesn't change is by itself not enough. You also have to verify that it was secure to begin with, and that is much harder, especially for your typical end-user.
That's a separate problem to solve. But for audits to even make sense you first need to solve the problem of sites changing under your feet, i.e. enabling TOFU.
