I feel the same way about letting a corporation control who can visit your site and when (CA TLS only). I personally tunnel to a VPS for browsing because my ISP, Comcast, will do MITM injections of javascript into HTTP pages. This notably used to break the Steam browser.
So the best solution is HTTP+HTTPS on the server and using HTTPS till it inevitably breaks (for legal, technical, social, or other reason), then the HTTP is there to keep things accessible. I'm not anti-HTTPS. I'm anti-HTTPS-only. And you should be too if you care about human persons over corporate use cases.
So the best solution is HTTP+HTTPS on the server and using HTTPS till it inevitably breaks (for legal, technical, social, or other reason), then the HTTP is there to keep things accessible. I'm not anti-HTTPS. I'm anti-HTTPS-only. And you should be too if you care about human persons over corporate use cases.