Feb 14, 2017
SSL certificate (TLS and/or SSL) is now available for The Mad Tea Party. In other words, you’ll be connected via https. Most of the browsers will either show a lock icon or a green address bar. If somehow you are still connected via http, don’t worry. By simply adding ’s’ at the end of the http will redirect you via secure connection. If you are here to check on the project I’ve mentioned earlier, I am still working on the details. (haven’t even started coding!)
Now here are some of my concerns on Google overly praising certificate-based protocols. Google Search algorithm has recently been updated to rank the websites with the certificate higher than those do not. The problem I see is that TSL does not necessarily protect the users. It will stop 3rd party from snatching the connection. Think of it this way; https makes your purse essentially invulnerable against pickpocketing. In real world, it helps to fight censorship. Because that’s how the automated censorship works, by snatching your connection from the ‘inappropriate’ websites. But the idea that information available on https is more accurate than the ones don’t is simply low. To get a certificate with authoritative-sounding name is very possible and probable; it is undeniably most common form of man-in-the-middle attack. With the new algorithm in place, you can not only look legitimate, but be promoted as legitimate by none other than Google itself.
Speaking of fighting censorship, I’ve come to realize and have succumbed to the idea of letting people in via SSL. During 2008 protests in South Korea, the old website was either banned as inappropriate or vandalized. And quite frankly the damage was more severe on the other vocal websites than mine. The only reasonable solution at this moment, to even discuss the maddening material, and to have some breathing room in the entrance, was to use SSL. Again using South Korean example, most of their censoring can be easily bypassed once the website is using SSL. That includes most of pornographies and anti-South websites. I won’t indulge North Korean propaganda, but considering the nature of this website and its discussion, and considering where South Korean censorship has left the people in terms of internet usage, SSL is a must.
But again, here comes the question of price. Right now, The Mad Tea Party is not using anti-adblocks. It is primarily reliant on ad revenue for hosting, but if a user wishes to avoid all ads I will force him/her to see one. It has been a losing fight anyway, and it should be the job of adblock developers to promote proper monetization. That really boils everything down to how much additional cost we are talking about with SSL. This is a website for discussion. There is little to none to lose. But the cost of SSL service per year is around $40-60 a year, which honestly makes me to beg for money. Considering SEO, it is now effectively smothering small websites of its already limited revenue or to relocate itself entirely to Blogger or WordPress.com instead of hosting itself.
updated Dec 17, 2017: retitled from “Some Opinions on SSL” and edited for readability.