Google has added a new section to its transparency report that provides data on the number of requests Google gets from companies that use HTTPS encryption. The move aims to track the progress of encryption efforts at Google and on some of the Web's most trafficked sites.
"Our aim with this project is to hold ourselves accountable and encourage others to encrypt so we
can make the web even safer for everyone," wrote Google HTTPS evangelists Rutledge Chin Feman and Tim Willis in a post. An accompanying chart shows that the percentage of requests to
Google's servers that used encrypted connections rose from 50% in January 2014 to 75% in January 2016.
While the data does not include YouTube traffic, it does build in data about
HTTPS connections on many popular Web sites such as ask.fm, facebook.com, linkedin.com, tumblr, among others. The sites were chosen based on a combination of publicly available Alexa
data and Google's internal data, estimating they account for about 25% of all Web traffic on the Internet.
Google's team will provide weekly updates on progress made toward implementing HTTPS by default across Google's services. Google has long offered Gmail, Drive, and Search running on HTTPS, and in the last year, the company began to add traffic from more products, like ads and Blogger.
Web sites use certificates to tell users they are legitimate, which should give consumers confidence when browsing and buying from Web sites online. Browsers need to check whether the certificate that presented is valid and appropriately issued.
So Google also added a Certificate Transparency log viewer, a Web interface for users and site administrators to easily check and see who has issued a certificate for a Web site. "If you use this log viewer and search for google.com with ‘include expired' checked, you'll see the mis-issued google.com certificate from September 2015," the Google team explains.