There seems to be a dearth of information on the topic. I'm aware that Firefox and Chrome have already started putting non-secure HTTP warnings on sites that have fields that ask for things like passwords and credit card information, but I'm not able to find if/when HTTP will finally take the bullet and be depreciated for good.
Trying to search on Google, DDG, or reddit does no good because search engines seem to disregard the terms "HTTP" and "HTTPS", probably because they just trigger any and every website.
Everything I can find is old news about the depreciations that have already taken place, but what I'm really looking for is the future plans in the works for HTTP to be blocked in the browser for good. I seem to remember reading that HTTP would be dead in 2018 but now I can't find it.
If anyone is privy to Firefox or Chrome development threads that discuss this can you please let me know? I'm trying to convince a (fucking lazy) buddy of mine who hosts a phpBB site and has refused thusfar to implement HTTPS, even though Let's Encrypt has been free and easy to implement for over a year now and I have had no issues doing it with the stuff I host.
Please show receipts, not speculation, because I've already got plenty of speculation and just can't find anything in development channels that can help show me what's in the works.
I figured this community would be the best place to ask! Newb here so please forgive me if I break any rules.