I appreciate the use of the tripwires for detecting the modifications, but the article also suggests using them to fight the practice. This is basically a man-in-the-middle attack, so wouldn't using secure http prove a better solution than tripwires? Anyone know why you would prefer to use the tripwires?
That actually really surprises me. Is this just a limitation of the major implementations, or is there something fundamental about the design that slows it down? (I'm not familiar with the details of the protocol)
The protocol itself is OK; the problem is that it is tunneled inside TCP, so on top of the TCP SYN/ACKs you have the HTTPS certificate exchange and then cipher negotiation just to establish a connection. Once established, the cipher becomes another slowdown.