Everyone understands that SSL/TLS would be great to have on the core, but there are resource limitations. The problem with SSL on the Spark core is not encryption part, but the certificate management. That is why the Spark cloud connection is designed the way it is, with symmetric public key crypto for AES key exchange and then AES keys for the link connection. This has similar strength to SSL without having to do any certificate management and checking on the core, but can only talk to the Spark cloud (or someday soon your own personal, local cloud).
The Spark team has talked about using the cloud as a proxy to connect to other internet services like twitter and gmail etc. using a feature they have been calling webhooks. The idea is that your core talks to the Spark cloud and the the Spark cloud server acts a proxy to do predefined actions that you set up and authorize it to do.
While this is a really great idea, it is hard to strike a balance between convenience for us and being a good citizen on the internet. So I think this feature is on the way, but it is taking some time to get it right.