I don’t argue HTTPS is overkill for many uses, especially for websites that provide read-only, low-importance information, and I do agree with your underlying expectations of simplicity and performance. My replies are only there because you used several technical arguments that I consider slightly exaggerated. You mention “not in my case”, then it would be worth describing that case more precisely in the article (though I think I see the kind of small, server-rendered, simple website you’re talking about and that I also tend to ship).
“HTTPS considered harmful”, yes, but isn’t HTTP too? (cache)
My case is the only place where I publish: here. A place where I could hardly experiment anymore (cache) without a certificate anyway. Let’s plaid for a new norm (cache) at all costs, and then create a new one atop of it because users couldn’t trust it (us?) anymore.
For the sake of (false) security, all extra complexity is granted. GG.