[tomjen3]

If you had checked my web-browsing over the last week it wouldn't be very hard to make an argument that I should be in psych facility, based on the number of suicide related searches I did. In all cases it was purely static content, but in the wrong hands it could be a huge issue for me.

I am only posting it here to prove a point: even static content can reveal a lot.

[byuu]

I don't think SSL is all that great for protecting broad interests.

If you are going to ten different domains in the same span of time that all contain suicide content and someone is snooping your connection, they can correlate what you're doing from the server names (especially if one of the domains has the word 'suicide' in it), even without seeing the page content or path portions of your web requests.

For exclusive content sites, it's a dead giveaway. If someone went to my domain (byuu.org) in HTTPS, then it's pretty obvious that they were interested in emulation, regardless of the encryption. There's already tons of services out there categorizing domains on the internet.

SSL's primary benefit is for form submissions, not for static content pages.

For something like that, your best bet at the present time is a service like Tor. Which even that isn't really perfect.

[zzzcpan]

It's a good point, but most people don't care about that or government surveillance. Any friction introduced by things they don't care about will be seen as annoyance and will be ignored at best. And since absolute majority of websites are likely to stay on http forever - warnings won't do much good and probably will get disabled again in the future.

The good news is: more sites will switch to https.

[jacquesm]

And it would be so much easier to make a murder look like a suicide with a (public) search history like that.