Jump to: navigation, search

Timeline of HTTPS adoption

1,763 bytes added, 13 April
no edit summary
| 2013–2014 || The move to HTTPS continues, with laggers in webmail and search catching up on encryption, and Google beginning encryption even for non-logged-in users. Toward the end of this period, Google begins aggressively pushing for the whole web to go HTTPS, first by stating that HTTPS will be a search ranking signal, then by declaring that Chrome eventually intends to mark all plain HTTP sites as not secure.
| 2015–2017 || This is the period when the move to HTTPS intensifies among a number of ordinary websites. Wikipedia, (?), Reddit, Imgur, and some major newspapers and magazines like the ''New York Times'', ''The Guardian'', ''TechCrunch'', and ''Wired'' go HTTPS. Chrome begins the process of marking plain HTTP sites as Not Secure. Let's Encrypt makes it easy and free for people to move to HTTPS. Google and others set up systematic tracking of the proportion of HTTPS usage, and the period ends with a significant increase in HTTPS use. This period also begins a trend of the Chinese government censoring entire websites after they transition to HTTPS, because it can no longer identify and block individual webpages due to encryption.|-| 2018–2019 || With Chrome now marking all plain HTTP sites as not secure, most high-traffic sites that had not yet migrated complete their migration. This includes sites like IMDb, BBC, Wikia/Fandom, Fox News, and many others.
| 2016 || {{dts|August 25}} || Report/Observatory || Mozilla || State of HTTPS adoption || Mozilla, the organization that manages the {{w|Firefox}} browser, creates the Mozilla Observatory to track the web and its security. Among other things, this tracks the state of HTTPS adoption.<ref>{{cite web|url =|title = Observatory by Mozilla: Making the Web Safer|last = King|first = April|date = April 25, 2016|accessdate = November 20, 2017}}</ref><ref>{{cite web|url =|title = Mozilla launched the Observatory tool to test the security of websites|last = Paganini|first = Pierluigi|date = August 27, 2016|accessdate = November 20, 2017}}</ref>
| 2016 || {{dts|September}} (completion), November 29 (announcement) || Website || Default HTTPS-only || The Guardian || ''The Guardian'' announces that it completed its migration to HTTPS-only about two months ago. The announcement post describes the challenges of the migration, including avoiding negative audience and revenue impacts, and keeping older interactive content working. The migration approach is summarized as: migrate one small audience section to HTTPS, identify the problems and track them, and fix the problems that need to be fixed before the next section migration. Three complementary techniques used: monitoring, decoupling backend and frontend migrations (with backend migrations done first), and usage of early adopters (users could opt in to HTTPS-only before moving to default HTTPS-only). Technical details of the migration are also included in the post.<ref>{{cite web|url =|title = The Guardian has moved to HTTPS. Discover why and how the Guardian has moved to HTTPS, the secure version of the web protocol that helps to protect user privacy|last = Chauvin|first = Mariot|last2 = Islam|first2 = Huma|date = November 29, 2016|accessdate = April 13, 2019|publisher = The Guardian}}</ref>
| 2017 || {{dts|January 10}} || Website || New York Times || Default HTTPS-only || The ''New York Times'' announces that it has made a number of its articles default to HTTPS, including the home page, section and topic pages, and all articles published 2014 or later, and that it plans to make the rest of its site HTTPS as well.<ref>{{cite web|url =|title = HTTPS on|last = Konigsburg|first = Eitan|last2 = Wan|first2 = Vinessa|publisher = ''New York Times'' Open blog|date = January 1, 2010|accessdate = November 19, 2017}}</ref>

Navigation menu