by iancarroll 4150 days ago
> Because once you deploy the https:// address scheme, there is no going back.

Unless you send the HSTS header, that's not true. Even so, you could just set the HSTS expiry time to the certificate's expiry (which would have to be done within your code, sadly).
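The approach suggested above (setting the HSTS max-age to whatever lifetime the certificate has left) as an added Python example, not code from the thread; it assumes the certificate is available as the dict shape `ssl.SSLSocket.getpeercert()` returns, and the sample expiry date is constructed.

```python
import ssl
import time

# Constructed sample in the shape ssl.SSLSocket.getpeercert() returns;
# only the field used here is included and the date is made up.
SAMPLE_CERT = {"notAfter": "Jan  5 09:34:43 2030 GMT"}


def hsts_max_age(cert, now=None):
    """Seconds of HSTS lifetime to advertise: from now until the
    certificate's notAfter. Returns 0 once the certificate has expired,
    so the header clears any stored policy instead of extending it."""
    expires = ssl.cert_time_to_seconds(cert["notAfter"])  # epoch seconds, UTC
    now = time.time() if now is None else now
    return max(0, int(expires - now))


def hsts_header(cert, now=None, include_subdomains=False):
    """Build the Strict-Transport-Security header as a (name, value) pair."""
    value = f"max-age={hsts_max_age(cert, now)}"
    if include_subdomains:
        value += "; includeSubDomains"
    return ("Strict-Transport-Security", value)


if __name__ == "__main__":
    print(hsts_header(SAMPLE_CERT))
```

Because the value shrinks as the certificate ages, the header has to be computed per response rather than hard-coded in the server config, which is the caveat the comment above points at.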


What do you mean it's not true without HSTS? Do modern browsers now automatically switch to the http:// address scheme if https:// is no longer available?

Because otherwise, unless you don't care about incoming links, bookmarks, etc., there is indeed absolutely no going back, with or without HSTS. That's the problem, only solvable with opportunistic encryption.

And if you have dozens of domains and subdomains, what would you do in 2 years if this only CA is then kaput? The value of their offering is definitely above 100 USD, it would appear.

> Do modern browsers now automatically switch to the http:// address scheme if https:// is no longer available?

Browsers do not, humans do.