Over the past couple of years, a flurry of developments and events have been happening in the world of HTTPS: from BEAST to HSTS to public key pinning and mixed scripting. Some of these are of abstract interest to technical users, and some require action on the part of webmasters. This talk will cover the broad brush strokes of these developments with a focus on how webmasters can take advantage of them and how to avoid silly configuration mistakes. In the latter part of the talk, a few expected future developments will be covered.