Thoughts on Google’s strike against non-https sites

Dave Winer wrote about Google’s recent strike on non-https sites.

When big companies try to force you to change your web site, say no. The web does not belong to them. Defend the web. The answer to Google is no.

I am torn on this. On one hand, I absolutely hate that Google wants every website owner to go through the hassle of obtaining certificates and enabling https — even if it’s a plain simple text blog. But on the other hand, I realise that it’s too much to expect that regular users understand the technicalities of which sites have to be secure and which are ok if they are not.

Making all sites secure will shift the onus to the site owners rather than the readers. Those who know how to, will find a way to do so. Those who don’t are hopefully with platforms, like Wordpress, that are making it simple to enable https. It can’t be a loss for anyone, can it?