Encrypt everything by default is the way the world is going. SSL/TLS certificates can be obtained for free now. Eventually popular web browsers are going to begin displaying a warning or "not secure" when a site is running on http which could confuse visitors. For a site as old as this with lots of links, when the change is made, some care should be made not to mess up the redirection and there could be some temporary SEO type issues. It's probably good to get done sooner or later. Since revenue generation isn't much of a concern here I'd think it's best to just get it done at a convenient time for E.
|