I want to start a petition asking @Steam_Support to use Full Site SSL, as a gamer living in China I no longer feel safe using plain HTTP.

I would guess the reason for Steam to maintain HTTP in community and store pages would be to display non-secure cross-site content. BUT:

There isn't any workaround: using VPN with Steam client is strictly prohibited, for good reasons.

My worry: plain HTTP leaks personal info.

So basically @steam_games put me in a position easily trackable and identifiable by my ISP, and whoever controls them.

I should also mention Steam store front is pretty unusable these days because plain HTTP can easily trigger keyword censorship in China.

To my English-speaking audience (living outside China), this is a good move to protect your personal info as well.

And remember Steam used to have Full Site SSL, and then they disable it, in a way that force users to browse Steam store over plain HTTP.

I am not saying Valve doesn't have their reasons, but I am arguing those reasons don't hold when most e-commerce sites manage to go SSL.

We understand the potential risk of enabling full site SSL. It's a tough decision and we believe going SSL is the better one, for both chinese and global users.

虽然我们知道全站 SSL 加密会带来什么可能风险。

但从如今的情况看，不加密，我们的个人信息太容易被 ISP 获取了。长远来看这不是个好事。

我有几个论点：

- 如今各种关键字触发商店页面无法访问的情况，是否可以继续？

- Steam 是强制商店与社区页面不使用 HTTPS。改为允许用户选择使用 HTTPS，是否可以？

- 如果你身在国外，是否也想被 ISP 知道你的个人购买能力？

- Steam 本来有一段时间是允许 HTTPS 的，我认为没有技术问题，除了社区页面上的站外 HTTP 内容可能无法显示这点。

综上所属，这是我的提议。

如此大规模技术调整，需要时间与人力的投入，「用户需求」毫无疑问是一个重要的驱动力。如果你支持我们的请愿，欢迎在这个官方贴发表你的支持。