I'll discuss some of what EFF has been doing to help this process along, to make sure that HTTPS is more widely used, more secure, and easier to adopt by end-users and web site operators. Although the past year has seen more vulnerabilities and attacks on HTTPS (including some pretty fancy cryptographic attacks), it's also seen dramatic growth in how and where HTTPS is used, and renewed attention to how to make it better and safer.
If you're a web site operator, there's lots for you to do to protect your users with HTTPS and HSTS. (The search engine Duck Duck Go has even integrated rules from HTTPS Everywhere to protect its end-users by returning HTTPS-protected search result links!)
If you use the web, you can help ask your favorite sites to improve their security with greater use of HTTPS. If you care about HTTPS, let's talk!