What Neil said really.
HTTPS is a drive by Google to get sites to change the fundamental way in which they are rendered, and the security settings behind them, which also involves purchasing a certificate. The cost of the certificate is neither here nor there when compared to the hosting and running costs of this site altogether, so that is not the issue. However, functionality is, and various parts of this site would cease to function if it were to be HTTPS, not to mention the work involved in amending the coding, so that the bits that would still work, would, well, still work.
It arrived in the consciousness of the public mind because Google announced that websites that are not HTTPS would be penalised in their search ranking results. There was a mad rush by everyone with a website to get it done and there was plenty of hype in the media. Consequently people now go through life believing that the world will implode if a site they visit isn't HTTPS. The power of Google to alter and influence people's minds is enormous.
There is no sensitive information on this site, and Member's password information is encrypted. The IAP site is HTTPS, but they had to change their software to do it, and is now a pale shadow of its former self (in my opinion anyway). There are no plans to make this site HTTPS for the present, since there really is no need, and I'm sorry to say that for now at least, I am not prepared to invest weeks of work and thousands of pounds in new software simply because Google have successfully misled people into thinking that HTTPS is essential. If we all bought things on this site or uploaded sensitive data it might be different. But we don't, we upload photos of pens and talk about them. Hardly state secrets.
