Salut Guillaume,
please allow me to put these two quotes adjacent:
Zirias there is two reasons for me to think that's a good idea: privacy and security.
(EDIT: HTTPS authority trust issue is a real problem too as you mentioned it, that should be adressed indeed)
I'd argue here: What exactly are "privacy and security" if not just nice-sounding buzzwords when there ARE issues that aren't solvable in an easy way?
I don't think having even MORE HTTPS hosts would do any good -- in fact, do you think the already sometimes lacking quality of authorization with certificate issuers would'nt be further impaired, when there are masses of new certificates, and authorities that provide them at (nearly?) no cost? In general, for trust, I prefer the "web of trust" idea of PGP over the authorities used with X.509. Unfortunately, this is not applicable to business. So, you say the issue should be addressed indeed ... well, but how? At least, there is no simple solution.
Then for the point you make about surveillance .... well, of course this worries me, too. Still I think there are more important problems than the web pages I'm viewing while browsing. It's still a problem, I just don't think HTTPS is THE solution. From all these stories about surveillance and secret services, the one thing you probably pick up is "trust nobody" ... and of course this doesn't benefit the certificate authorities
edit: I just became aware that this is getting a bit off-topic, because the thread originally was about this forum ... and of course, there ARE accounts involved, as well as private content, so some encryption should be in place. Only encrypting where necessary seems fine for me, but as someone pointed out the private messages not being encrypted by default, this shows how easy it is to miss something when trying this ....
Regards,
Felix