Brave taking cryptocurrency donations “for me” without my consent

So I typed my domain into the setup thing and I got this:

"Hello. It looks like you are using WordPress!"

"Your domain is NOT using HTTPS.Uh oh! Your domain is NOT using HTTPS. You will need to fix that before continuing."

"The following error was encountered: SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: sslv3 alert handshake failure"

Why do I need to be using HTTPS before you'll think about paying me, Brave? I've been getting along posting comics on my HTTP site for an entire decade, and I'm really not interested in bothering to set that up. You are really not built with any understanding of the level of technical knowledge among people who make art, are you. And I'm unusually technical for an artist.

Oh wait there is a 'choose different verification method'. I can place a trusted file in my domain? Nope. Requires HTTPS. Or I can add a record to my DNS settings; let's try that... looks like I gotta wait for the dns to propagate, that's always fun.

We're always trying to make the verification process better. On the one hand, it's a pain. On the other, we don't want to let someone other than you pass themselves off as you. The DNS and HTML snippet methods are similar to how verification works for many of Googles publisher and advertiser services, for what it's worth. Sorry this has proven frustrating but I hope DNS updates for you soon!

> we don't want to let someone other than you pass themselves off as you

Wait, but that's exactly what you're doing to Tom Scott by collecting money in his name after he's asked you not to.

DNS still isn't updated, and I got signed out of my session on your site. I'll probably be signed out again by the time I check tomorrow, if I remember to.

I mean, they are not wrong, you should be using HTTPS.

That's a ridiculous complaint and you know it. Oh no, you have to wait 5 minutes for DNS propagation, what a scam!

Why? I don’t have any user accounts on my site. Just stuff. And I’m too busy drawing new stuff to try and get HTTPS working.

I had ads on it just fine without HTTPS. I’ve had PayPal links without it, I’ve had Patreon links. Getting Brave hooked up is a giant pain in the ass compared to everything else I’ve tried.

Half a day and it still hadn’t propagated. If I could just stick a snippet of text in my site somewhere like I’ve done to authorize with other things it’d be fine, but Brave wants me to dig into this site that’s been working fine for a decade and make it HTTPS before they’ll let me do that.

Most creators are less technical than me and wouldn’t have even gotten that far, and if Brave was taking donations in their name they’d never get paid out. Which kinda sounds scammy to me.

So just to compare:

I can set up PayPal donations by including a simple link.

I can set up Patreon donations similarly.

I’ve claimed my site with Google by putting a file in a hidden place. Worked fine over HTTP.

But Brave? Brave, I gotta get this ten year old site converted over to HTTPS. Or wait for DNS to propagate for half a day. All the while y’all might be “taking donations” for me that I’ll never see unless I get this sorted out. Honestly I’ve spent enough time on this that if I don’t see that your site’s seeing my DNS tweak when I poke at it today I’ll probably just see about making my site refuse to serve my content to Brave instead; I’m happy serving my stuff for free but not happy with y’all making money off of it.

Because not using HTTPS allows an end user's ISP to inject their own ads on their rendition of your website. Whether these ads are for third parties or are telling them about how much data they have left on their monthly plan, I think we can agree that protecting users from their scummy ISP or potential bad actors on their Network by throwing https onto your site is worth it.

I'm pinging our support team to see if someone can help you get to the bottom of this.