Yesterday, Mozilla made a blogpost, stating that they will be “deprecating non-secure HTTP” - in other words, forcing HTTPS. I believe that this decision is harmful to the open web, and this is why.
First of all, for those who are not familiar with me - I actively encourage people to use SSL/TLS wherever possible. I do not believe that there is data that is “not important enough to encrypt”.
I do however believe that there are fundamental problems with the way TLS is currently deployed in practice, problems that absolutely need solving before a forced global deployment of TLS can happen. […]
Sven Slootweg : “On Mozilla’s forced SSL”.