The funniest thing about HTTPS is that its transition/enforcement exposed a lot of people who don’t understand why we need HTTPS everywhere, even if there are no logins (!!!)
To this day, if you open Twitter, Facebook Groups or Discord, you’ll find people complaining about Google forcing HTTPS down people’s throat.
one of my biggest regrets is that in the early 2000s when i was contributing to a webserver project i suggested that we should not allow people to log in via http but instead enforce https for that. or rather, use https for login content and http for public content. the devs liked the idea and promptly implemented it with the result that while it now was no longer possible to log in via http the server also could not show public content over https.
To this day, if you open Twitter, Facebook Groups or Discord, you’ll find people complaining about Google forcing HTTPS down people’s throat.