Firefox could soon block FRC.
Mozilla announced on their blog
that their Firefox browser will soon phase out access to non-secure HTTP websites. Any website that isn't HTTPS could be blocked. Pretty soon, FRC could see a decrease in visits by Firefox users who are unaware of the upcoming change. Is there a way we can encrypt this site?
Relatedly, a few versions from now Chrome's changing their UI to call out non-SSL sites as insecure.
1. Real, actual organizations (commercial or otherwise). In which case, they'll just throw a little extra money per year at their web host and it'll all just work.
2. Individuals making websites for personal stuff (portfolios, blogs, etc). These people will, depending on their level of expertise or ability, either do the same as corporations or try rolling their own.
3. People trying to learn how to run a webserver. In which case, they'll need to learn how to properly setup SSL anyways.
Advantages: Proper, secured connections for everyone.
Disadvantages: Things are slightly more difficult for very small fraction of the population.
People should know by now to look for a secure connection and a reputable business when doing any sort of commerce online or giving out their sensitive information, and if they don't, an SSL certificate is poor protection against scammers anyway, who could certainly set one up.
There's just no good reason to require this as an absolute except for some weird kind of techno evangelism. No thank you.
nginx just added an HTTP2 patch.