More Costs, More Barriers, No Accountability? Oh my!

[ErikSArnold]

I am all for https when it is needed, but a blanket mandate would have the following repercussions off the top of my head.

1. Cost -- Has there been some basic analysis in terms of the cost of implementation? The total amount would be quite shocking to the American taxpayer, I think.

2. Roadblock to Embracing SaaS -- This would be (yet) another roadblock in having government websites embrace SaaS / web services which often rely on CNAMEs for domain masking (which can make https difficult and / expensive).

3. Lack of Accountability -- If an application that should be running https is not (and what is this number -- government web sites generally serve static content), then someone should make that one application adhere to https with some major punishment for the potential breach of trust with the public.