Don't do your self the disservice of self-signed - you can get a free cert from startssl.
The CA landscape has changed.... what used to be expensive and required a lot of paperwork is getting cheap/free, and CAs are pushing "Extended validation" certificates and whatnot (the ones that turn your browser bar green, etc....)
Just hit up startssl and get a real certificate... it's that easy. No strings attached.
(Repeating this because I ignored it for about a year until actually checking it out and realizing I'd been an idiot)
ALSO
Given the single utility of this - just inline the scripts you need and avoid the request overhead. You can probably strip out all the functions you don't need to minimize the load time. You could offer a minimized version as well....
Thank you for advice about cert service! Awesome. Will request SSL cert right now.
I consciously left scripts uncompressed, so anybody can look what going on behind the scene. Also, I'll publish source code on github as soon as clean it up. Then I make compressed version.
The "other" reason to avoid a self signed cert is that a self signed cert still leaves your users open to a MITM attack. If your goal is to avoid a MITM, a self signed cert gives you nothing but more configuration lines in your webserver config.
The CA landscape has changed.... what used to be expensive and required a lot of paperwork is getting cheap/free, and CAs are pushing "Extended validation" certificates and whatnot (the ones that turn your browser bar green, etc....)
Just hit up startssl and get a real certificate... it's that easy. No strings attached.
(Repeating this because I ignored it for about a year until actually checking it out and realizing I'd been an idiot)
ALSO
Given the single utility of this - just inline the scripts you need and avoid the request overhead. You can probably strip out all the functions you don't need to minimize the load time. You could offer a minimized version as well....
ALSO
Very cool! Thanks!