CloudFlare + StartSSL is the way to go in mid-October
In my opinion, SSL should be enabled everywhere.
HTTP was designed without security in mind. It was 1989, when Tim Berners-Lee first proposed the “WorldWideWeb” project. At that time, the most important thing is to deliver web content to internet users. Things has changed significantly in the last 10 years. Sniffing plain HTTP content is easier than ever. People care more and more about privacy, especially when Non Such Agency use complicated monitoring infrastructure to spy their own citizens. Google, Facebook, Twitter, banks and other important websites already switched to HTTPS completely.
And few days ago, Google announced that they will take into account whether websites support HTTPS. In short, HTTPS will give you (slightly) advantage over plain HTTP.
SSL certificate has been free to acquire for more than a year by StartSSL. And by mid-October, CloudFlare will also support SSL for free. Therefore, by mid-October, all my self-hosted sites will be completely SSL.
Why not?