So far, I have not heard of any issues from implementing encrypted HTTP (HTTPS) last month. Aside from some limitations on the number of subdomains supported, the service I used only encrypts traffic between the user and the service - traffic from the service to the BID Community server is not encrypted. Although not ideal, this approach does protect traffic from snooping when using public hotspots. A bigger risk that the service could start charging significant fees for the encrypted HTTP service.
In the past, end-to-end encryption was complex and expensive, involving yearly fees for the necessary SSL certificates. I have been evaluating Let's Encrypt (https://letsencrypt.org/), a service sponsored by the Electronic Frontier Foundation and the Mozilla Foundation that not only provides free SSL certificates but also dramatically simplifies implementation. I have successfully migrated two of my personal domains and will shortly be migrating a test version of the BID Community website.
Upcoming Events: