Google has added a new section to their Transparency Report to cover how much traffic and how many sites are serving their sites via HTTPS and the results are pretty interesting.
Today we are launching a new section of our Transparency Report to track the progress of encryption efforts—both at Google and on some of the web’s most trafficked sites. Our aim with this project is to hold ourselves accountable and encourage others to encrypt so we can make the web even safer for everyone.
Here are some of the most important and interesting highlights from the new reports.
Google’s Own HTTPS Stats
Right now, 77% of the requests for Google properties (excluding YouTube requests) are served over HTTPS.
It is important to note that this is NOT the percentage of Google properties that are secure, but rather the percentage of requests to Google that were delivered over HTTPS rather than HTTP.
It appears that Google News and Google Finance make up a large percentage of the non-HTTPS traffic.
Third Party Sites
Google is showing information about many popular websites, chosen based data from both Alexa and Google’s own internal data.
First Google breaks out information on “top sites running modern HTTPS by default” and “top sites running modern HTTPS”. But the third list of “Other top sites” has very little in the way of secure sites, which shows there is still a lot of work needing to be done.
I was actually surprised that many of the sites on this list weren’t secure. For example, sites like Yelp, Trip Advisor and Twitch are all still running HTTP and not HTTPS. Google says these top sites “account for approximately 25% of all web traffic on the Internet.”
Google Wants to Help Top Sites Go Secure
Something else worth noting is that Google states specifically that they are open to working with the top sites to work on making them secure this year.
We are open to working with all sites listed below to help them move to HTTPS by the end of 2016.
This has two bonuses… first, working with Google. And second, making the site secure, which comes with its own tiny ranking boost.
Certificate Transparency Log
If you are having issues with a certificate and need to troubleshoot it, or want to see the historical use of an HTTPS certificate of any site, such as a competitor, Google is including this data in the Certificate Transparency Log. Google notes they have over 41 million entries made to it.
Websites use certificates to assert to users that they are legitimate, so browsers need to be able to check whether the certificate that you’re being presented is valid and appropriately issued. That is why this report also offers a Certificate Transparency log viewer, providing a web interface for users and site administrators to easily check and see who has issued a certificate for a website.
All in all, it is a pretty interesting peek into HTTPS at Google.
Latest posts by Jennifer Slegg (see all)
- Google Adds Autoplay Video Preview Clips to Search Results - August 21, 2017
- Cloudflare Credentials Stolen in Web Developer Chrome Extension Hack - August 18, 2017
- Google Search Console Sends Security Warning Notices for HTTP Sites - August 18, 2017
- Bing Testing Blended Local Mini One Pack in Search Results - August 15, 2017
- Google Still Ignores Last-Modified Meta Tag - August 11, 2017