This is a good thing.
[QUOTE]"For now it's only a very lightweight signal - affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content - while we give webmasters time to switch to HTTPS," [/QUOTE]
They're forgetting that SSL certificates still cost money to renew every year unless you use StartCom or something. Secured internet traffic will pick up much quicker if the cert costs weren't so high.
There has been a huge push towards using encryption for everything recently, it's great. HTTP2 mandates support for TLS on the server side and because of that Firefox and Chrome are only going to talk HTTP 2 over TLS, and using SPDY/HTTP2 gives you other benefits like better link utilisation and lower latency.
[QUOTE=UberMensch;45618604]They're forgetting that SSL certificates still cost money to renew every year unless you use StartCom or something. Secured internet traffic will pick up much quicker if the cert costs weren't so high.[/QUOTE]
i've got one that's like $30 a year
are those useless or someting? i don't see that as a burden for anyone in this kind of stuff
[QUOTE=Giraffen93;45618904]i've got one that's like $30 a year
are those useless or someting? i don't see that as a burden for anyone in this kind of stuff[/QUOTE]
Well, it's $30 on top of what you already pay for your hosting and your domain (and maybe whoisguard). People on tight budgets might not appreciate their page going down in search results just because they didn't pay more.
[QUOTE=UberMensch;45618604]They're forgetting that SSL certificates still cost money to renew every year unless you use StartCom or something. Secured internet traffic will pick up much quicker if the cert costs weren't so high.[/QUOTE]
Google should offer free SSL certificates, they have the means to verify and validate peoples identities so why not?
Never understood why proper SSL costs money.
[QUOTE=Map in a box;45625510]Never understood why proper SSL costs money.[/QUOTE]
SSL should be standard for all websites this day and age.
[QUOTE=Jsm;45620108]Google should offer free SSL certificates, they have the means to verify and validate peoples identities so why not?[/QUOTE]
They probably will, this is just the first step.
[QUOTE=Map in a box;45625510]Never understood why proper SSL costs money.[/QUOTE]
Its because they (should) do some leg work to make sure you are who you are and stuff. The prices are way over the top though, when you pay $100+ for a basic cert with a big name all you are paying for is the big name. At a technical level there is no difference between the free StartSSL certificates and the expensive ones.
There's no real difference between a self signed cert and a expensive cert, it just comes down to "trust". The browsers trust the CAs to only give certs to people who say they are, and the CA trusts that you're who you say you are and they sign your cert, so when it's presented to the browser they can trace the "trust" back to a CA they trust, and allow it. Self signed certs don't have that trust, but are just as secure as long as you can verify the cert is actually from the server (You as in the user, the browser can't do it, that's why it complains about self signed certs being invalid basically)
There are a bunch of proposals to make self signed certs just as valid as CA signed certs, but these things take time (One of the solutions relies on DNSSEC, which doesn't have much support from apps/DNS servers/ISPs/OSs/etc.)
StartSSL has free SSL certificates for non-commercial sites:
[url]http://www.startssl.com/[/url]
Then there are community-driven efforts like CAcert.org, although they are considered invalid by most if not all internet browsers by default, so ordinary people would just assume the site is unsafe.
I do hope a low-cost/free alternative is released soon. You shouldn't have to pay in order to encrypt the traffic between your site and its users.
I'm not sure if this is a good thing or not. When I'm searching for something I want the most relevant results possible. If this turns out the way I think it will, websites that have the resources and need for encryption will be boosted further up the search results while smaller websites; websites that may actually contain what I'm looking for are buried in amongst a load of shit.
An example may be: I'm doing research on something and need some examples/evidence to back up a point I'm trying to make. With this new system in place I'll be more likely to come across Yahoo Answers questions, Facebook pages and pay walled sites rather than news articles and specialist websites.
Sorry, you need to Log In to post a reply to this thread.