ietf

Re: Hum theatre

2013-11-07 11:49:51
The sentiment is unanimous.

Opinion on how to act on that sentiment remains divided.


One of the reasons that opinion on how to act is divided is that the
discussion of TLS everywhere is focused on the value TLS is designed to
bring to secure Internet protocols rather than the total value proposition
of TLS which was always intended to be wider.

The point of VeriSign Class 3 and later Organization Validation criteria
and the Extended Validation criteria is to establish ACCOUNTABILITY. The
authentication is a means to that end and the encryption is a nice
byproduct.


People have been using TLS with no accountability but authentication, which
was only bad because the browsers didn't differentiate between the two
until Extended Validation was deployed.

Using crypto is not a problem; telling people that they are safe when they
are not is the problem. At the moment the IETF does not use metrics to
determine how difficult it would be for an attacker to break a system. This
is my effort in the area:

http://tools.ietf.org/html/draft-hallambaker-prismproof-trust-00