Good to know. (I found this thread by actually using the "search" function)
HTTPS provides authentication (through the use of certificates) as well as encryption. Of course, if you don't trust organizations like VeriSign, you need and out-of-band method for communicating the public key.
Since the forums seem to support HTTPS, the link from http://bitcoin.org
) should be changed to use HTTPS by default. Until about 2 months ago, I did not understand the need for ubiquitous encryption; even of publicly available information. Then I read this:
Advertising-UNISERVE shall have the right, without notice, to insert advertising data into the Internet browser used by a UNSERVE customer, and transferred to a UNISERVE customer over UNISERVE’s network, so long as this does not involve UNISERVE transmitting any personal information of the customer to whom such data is sent in contravention of the UNISERVE Privacy Commitment;
- Section 27e, My ISP's Updated Terms of service
PS: I don't use HTTPS everywhere because I leave Scripting disabled most the time.
PPS: I know my website does not support encryption. My webshost wants $200/year for a certificate.