I don't think we need WebKitTLSErrorsPolicy anymore since the web is a better place than it was 15 years ago. Applications that want to ignore a particular error can still use webkit_network_session_allow_tls_certificate_for_host(), which should suffice.
I don't think we should remove it. I'm sure people will complain and ask us to bring it back. Being FAIL the default is enough.
Really don't think there exists any valid use-case for this API in 2023. What's wrong with telling applications to use webkit_network_session_allow_tls_certificate_for_host() for bypassing certificate errors?
So even though I don't think apps should be using this, it's not really a big deal to expose since it's pretty small.