If you're connecting to a clearnet site, you probably need HTTPS _more_ than on a standard connection - you _explicitly_ have a node between you and the site that you don't necessarily trust (see, e.g., https://nakedsecurity.sophos.com/2015/06/25/can-you-trust-to...).
