First, we're monitoring our SSL certs expiration dates and whether a sample page is loading securely. When it gets within a month of the expiration or if the page loads something insecure, we'll get an alert in our #server-status channel.
Second, you'll find that our main website will send you to the HTTPS version if you go there using plain old HTTP. It used to do this only if you needed to login or signup.
The website also links to WebClient as https://play.sindome.org instead of http://play.sindome.org. This means, unless someone manually chooses so, the majority of new WebClient users will be browsing and connecting securely.
I don't think we should force all WebClient usage to https, I want to keep it optional there in case there are https problems that might affect everyone or just an individual needing to temporary connect from something that only http will work.