It's definitely not that easy, sadly. We could turn on site-wide SSL tomorrow, except for the fact that people can include content (images, videos, etc) in their entries loaded from other servers, and that content isn't always (isn't often) served over a SSL connection. If you have a page served over a secured connection that contains unsecured content, most browsers will throw errors, fail to load the unsecured content, or (at the strictest security settings) refuse to load the page entirely.
It's not an unsolveable problem, and we've spent a lot of time talking over the question of how we can solve it, but we haven't found a good enough solution yet.
no subject
It's definitely not that easy, sadly. We could turn on site-wide SSL tomorrow, except for the fact that people can include content (images, videos, etc) in their entries loaded from other servers, and that content isn't always (isn't often) served over a SSL connection. If you have a page served over a secured connection that contains unsecured content, most browsers will throw errors, fail to load the unsecured content, or (at the strictest security settings) refuse to load the page entirely.
It's not an unsolveable problem, and we've spent a lot of time talking over the question of how we can solve it, but we haven't found a good enough solution yet.