As for the "don't touch https connexions" that's an increasingly unrealistic request, given that:
1. entities *do* have confidential informations they don't trust their users not to leak (and with good reason, some will post anything on any public web site without thinking of the consequences, especially when they've reached an organisational level where they feel immune to IT policies)
2. big web sites have started to crypt everything, killing cache performances if you ignore https (and they profile you anyway, so don't be duped – https is not improving your privacy there, killing proxies is also a way to protect their data gathering from anonymising intermediaries. Direct user access is best, especially when the user is IT-illiterate)
3. all the junkware vendors have started tunnelling every kind of dubious traffic on port 443, since they've discovered that was way easier than answering their customers' questions when their customers' security teams discovers said junkware is trying to breach the firewall via a forbidden port. (see also, websockets)
4. I'm quite sure spammers and phishers will make good use of crypto to hide their tracks as soon as there are enough https nodes to exploit
In other words, "don't touch https" means giving up on any firewall-like defence perimeter, trusting users will behave when they have no IT security culture, trusting no software installed on your system is going to leak data or even backdoor you via network accesses masquerading as https, trusting no web site you access is going to grossly abuse bandwidth and latency by serving badly-optimised content, etc
Does this level of trust seem compatible with the world we live in?
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds