HTTPS has hit another big milestone this week. According to a two-week long survey of telemetry data from Firefox, 50% of page loads were over HTTPS.
“For the first time, the running average crested the 50 percent HTTPS page load mark,” said Sarah Gran, director of communications for Let’s Encrypt, the free certificate authority. “We see that as solid progress when it comes to making the entire internet more secure.”
Three months earlier in October Let’s Encrypt saw over 50% of HTTPS page load requests over a 24 hour period.
“We are really excited about this two-week running average that clearly demonstrates much more stability in the platform and security online,” Gran said.
Hypertext Transfer Protocol Secure (HTTPS) or TLS as it is now known as is a communication protocol between your browser and a web server that provides an encrypted and authenticated connection between the two. The secure connection significantly reduces the threat of potential man in the middle attacks (where a user can capture your traffic between the server and your browser and collect your login information).
“Most sites are now HTTPS because… a huge portion of traffic is served from a small number of big sites. Twitter, Facebook, Gmail etc. all do all their things over HTTPS and that keeps that number quite high,” Hunt said. He wrote that still, only 18.4 percent of Alexa-ranked top million sites support HTTPS.
“There have been some other great contributions to the HTTPS ecosystem in the past year, so we can’t take all of the credit for recent adoption. But it’s no coincidence that HTTPS adoption exploded during the month that Let’s Encrypt launched and hasn’t slowed down yet,” wrote Josh Aas, the executive director of Let’s Encrypt.
It’s important to note that the primary push for HTTPS has been both the increased availability of cheap certificates such as Let’s Encrypt and CloudFlare but also because of browser security warnings and search engine rankings.
“For example, there’s the SEO bump Google started giving secure sites a couple of years ago. There’s also the fascination many governments are developing with intercepting everyone’s data, notably the likes of Australia’s Meta Data Retention law and the UK’s Snooper’s Charter (law),” Hunt wrote.
“Every time we encrypt even just another 1 percent of the Web, that is a massive amount of data that becomes protected,” Aas said.