Changes

|-

| 2016 || {{dts|September}} (completion), November 29 (announcement) || Website || Default HTTPS-only || The Guardian || ''The Guardian'' announces that it completed its migration to HTTPS-only about two months ago. The announcement post describes the challenges of the migration, including avoiding negative audience and revenue impacts, and keeping older interactive content working. The migration approach is summarized as: migrate one small audience section to HTTPS, identify the problems and track them, and fix the problems that need to be fixed before the next section migration. Three complementary techniques used: monitoring, decoupling backend and frontend migrations (with backend migrations done first), and usage of early adopters (users could opt in to HTTPS-only before moving to default HTTPS-only). Technical details of the migration are also included in the post.<ref>{{cite web|url = https://www.theguardian.com/info/developer-blog/2016/nov/29/the-guardian-has-moved-to-https|title = The Guardian has moved to HTTPS. Discover why and how the Guardian has moved to HTTPS, the secure version of the web protocol that helps to protect user privacy|last = Chauvin|first = Mariot|last2 = Islam|first2 = Huma|date = November 29, 2016|accessdate = April 13, 2019|publisher = The Guardian}}</ref>

|-

| 2017 || {{dts|January 10}} || Website || New York Times || Default HTTPS-only || The ''New York Times'' announces that it has made a number of its articles default to HTTPS, including the home page, section and topic pages, and all articles published 2014 or later, and that it plans to make the rest of its site HTTPS as well.<ref>{{cite web|url = https://open.blogs.nytimes.com/2017/01/10/https-on-nytimes-com/|title = HTTPS on NYTimes.com|last = Konigsburg|first = Eitan|last2 = Wan|first2 = Vinessa|publisher = ''New York Times'' Open blog|date = January 1, 2010|accessdate = November 19, 2017}}</ref>