On Sat, Oct 18, 2014 at 7:14 PM, Roger Hågensen <resca...@emsai.net> wrote: > This precludes that a site has a certificate, and depite someone like > StartSSL giving them out free, sites and forums still do not use HTTPS.
We recently started doing this for whatwg.org. It was not a big deal (though quite a bit of work given the amount of subdomains we have) on a shared hosting provider. There's a whole bunch of reasons why most sites ought to switch to using TLS: https://wiki.whatwg.org/wiki/TLS I'd be interested in hearing why sites such as forums have not made the switch yet. If you're hosting passwords it seems downright irresponsible at this point to not use TLS. -- https://annevankesteren.nl/