Google has been making a large push towards encrypting the entire internet. By making it a ranking factor, giving an https option for Blogger and converting all Gmail traffic to https.
However, Google admits that it still has areas to improve and it needs to reach some of its older products.
“Google has been working hard toward our objective of achieving 100% encryption across our products and services,” Google stated in its March 15th transparency report.
Google is working on encrypting its other products and there have been various technological challenges and it has outlined some of them.
- Older hardware and software do not support modern encryption technologies.
- Certain countries and organizations block or otherwise degrade HTTPS traffic.
- Some organizations do not have the desire or technical resources to implement HTTPS.
- Certificate management can be challenging for products like Blogger, where a user’s non-Google domain can be used.
Now these are all valid concerns BlogSpot is one of the most widely used websites in the world and its not something that can be easily converted to HTTPS especially since it allows users to add their own domain and while this may seem like an unfair measurement all the traffic is still connecting to Google’s servers and, therefore, it needs to be counted.
Blogger also has sites that are using external styles, scripts and embeds all of which would be broken if the sites were connected over https.
So what can Google do? In this case nothing unless it wants to run the risk of breaking the scripts but there are some good signs in Google’s goal.
Advertising is now served over https 77% of the time.
Maps are served over https 83% of the time.
News is served over https 60% of the time.
Drive is served over https 100% of the time.
Gmail is served over https 100% of the time.
While this goal will take some time Google has to find an appropriate way to get around its Adsense issue (HTTP content being served via HTTPS scripts) and Blogger which will be the largest roadblock for the company when it comes to solving this https gap.