If you have a busy site, let the CDN act as the TLS endpoint. CloudFlare and CloudFront already support this, though CloudFront charges 25 to 60 cents extra per million hits for HTTPS.
If you have a very slow uplink shared by several subscribers, the operator of the intercepting caching proxy can act as an automated CA. Then each subscriber can add this CA as a trusted root CA. This increases the number of people who can view or alter the communication from two (the endpoints) to three (the endpoints and the proxy), but that's still far fewer than every single router between the endpoints, which was the case under cleartext HTTP.
DANE also relies on a centralized component: the DNS root servers. Adoption of DANE has been lagging for two reasons.
- DANE relies on DNSSEC, whose public key is only 1024 bits. This short key length is the primary reason why Chrome doesn't come with DANE support.
- Some domain registrars that bundle DNS service have decided to treat DNSSEC as an upsell, making it available only to subscribers to "premium DNS". GoDaddy falls (or fell?) into this category.
You mentioned one recurring cost in the article.
Without that required cash each year, without the SSL certificate that you must re-purchase every year in perpetuity – you can't encrypt anything.
But that's not the only recurring cost of a move toward HTTPS.
Let's Encrypt offers certs for any website that has a FQDN in a registrable domain. This covers the public web. It does not cover a private home LAN on
192.168/16. It's possible to get a cert from LE just with a domain and not an HTTP server using the DNS challenge through the
dehydrated client. but then each home user will need to buy a domain.
Thus the need to pay $15 per year to Gandi or another registrar to continue to renew a domain for your home LAN will replace a certificate as the recurring cost.