Again, we need to keep things under https for several reasons:
- we want to avoid your information to be stolen, according to the regulations at many places (let's not make a list at this point) it is the domain's owner responsibility to keep user data protected, erase it in case the user requests it, etc
- we are preparing for launching Arduino for schools, and minors' information is even more sensitive than the one for adults
- we are about to launch a store, and there safe connections are pretty important
- there is no way we are going to just use POST to send the data over the net, we were doing it in the past, just because our technology wasn't ready. If you want more reasons why you could just take a look at one very easy example: http://codebutler.com/firesheep
with tools like that one, available for anybody, anyone could take your data just by sitting at the same open WiFi you could be using ... not talking about an expert doing it, but literally anyone
- you are right about the ajax solution to send the information, and it is among the list of things we might implement. But we have a long list of things to do before that, that is why I said this feature request will come, but I don't have it in my roadmap yet :-)
I hope I could make our concerns regarding security properly understood.