Even for Wikipedia there are privacy implications of third parties knowing which page you are visiting and integrity concerns in countries that want to censor certain topics (e.g. China).
That's a nice concept, but even with HTTPS the GET string is often leaked (e.g. referrer strings, tracking URLs (like Google's prior to this)).
It is technically encrypted in HTTPS traffic, but it isn't treated with very much respect, so if you actually have access to all of the HTTP and DNS traffic surrounding a request you can often recover pages viewed.
Additionally, in a lot of these countries computers come pre-installed with a government root CA which they can use to impersonate sites like Wikipedia (although the USG does this too!).
DNS doesn't give the page you were on. Whilst some systems might have a government root CA on it, it's still quite possible to remove that - it's practically impossible to remove ISP level monitoring.
Indeed. My static blog hosted on Linode behind Apache has survived a HN frontpage entry three times now. If I have to use HTTPS, does that mean I need a beefy server with lots of entropy?
Google, from 2010:
"On our production frontend machines, SSL/TLS accounts for less than 1% of the CPU load, less than 10KB of memory per connection and less than 2% of network overhead."
Entropy is a different matter, but I believe pretty much all virtualisation platforms have ways to ensure the VMs have enough entropy sources - so it should be fine.
No. My HTTPS blog hosted on Linode's smallest plan has survived a HN front page without any trouble. It's a myth that HTTPS causes significant resource overhead.
As for entropy, your server only needs a small amount of entropy to seed a CSPRNG, and the CSPRNG takes it from there.
I wrote about this a few months ago: https://rythie.com/blog/blog/2014/03/05/should-all-sites-use...