Towards usable and fine-grained security for HTTPS with middleboxes