The same BlueCoat Proxy technology that Syria was caught using can Man-In-The-Middle (MITM) SSL interception, so https everywhere is not a panacea against hostile regimes! Even without breaking SSL, a firewall can still detect the website being accessed (through lookup tables or TLS+SNI), so when everything goes to https, blocking by domain will still succeed.
For more granular blocking, Syria would need to break SSL/TLS through MITM. Browsers detect these privacy breaking proxies, so for users to not see warning messages, the "attacker" needs a Certificate Authority (CA) signing certificate that the user trusts, either control of a CA that is in the default key set shipped with the OS or browser, or the ability to push a key down to the client.
As a measure of security, the latest Firefox includes "Public key pinning" which limits which signing certificates will be trusted for a small set of very popular and often-targeted HTTPS sites, including Twitter.
Realistically, hostile environments with no need to stealth will just force MITM on all sessions and block anything that looks like encrypted traffic (e.g. Tor). It's not like Syria has to worry about their reputation getting any worse.