
The main issue I have with HTTPS is that it's still not reliably possible to use name based virtual hosting over SSL because SNI isn't supported in some OS/Browser combinations that are still in heavy use (any IE on Windows XP, Android < 3).

This means that we're going to need many more IP addresses in cases where we want to host multiple HTTPS sites. This is a problem because we're running out of IPv4 addresses and IPv6 support within the range of systems not supporting SNI isn't that reliable either.

This might not matter that much in the future, because larger sites should still have enough IPv4 addresses, but it will hurt smaller sites.

In my case, I can't possibly offer SSL for all of our customers (most of them are using their own domain names, so no wildcard certificates) as back when I only got 32 addresses and it's next to impossible (and very, very expensive) to get more nowadays.




Windows XP support ends in April 2014. Android 2.2/2.3 is currently at 28% market share and dropping.

There's a point where you have to drop support - even if you've got laggards. Look at the stats for your sites, find out the percentage of IE users on Windows XP. A quick sampling of 2 popular sites I'm running shows it to be around 2-3% for IE/XP users - I wouldn't call that heavy use, but obviously it's going to be different for every site.

Charge higher prices for those wanting a dedicated IP for their site - pass on the costs which you'll be facing due to IPv4 exhaustion. Prioritise the more important sites for dedicated IPs. If the site generates revenue - keep it on a dedicated IP for a bit longer, if not then it can share an IP with SNI.


I'm using SAN certificates (multiple domains on single cert) for that purpose. It allows me to put up to 100 domains on a single IP/certificate, which is fine for a low-traffic SaaS service. Premium clients can still get their own IP and certificate.

Globalsign has even developed a special service for those cases (https://www.globalsign.com/cloud/).


IE on Windows XP and Android < 3 also do not support HTTP 2.0, so this would not affect them.


Browsers that don't implement SNI also don't implement HTTP 2.0. In fact, the upgrade to HTTP 2.0 on existing ports requires SNI. It is impossible to implement HTTP 2.0 with SNI.


Uh, "with"?


Doh, "without SNI".



