Google I/O 2014 – HTTPS Everywhere (video)
Excellent, essential and game-changing talk by Ilya Grigorik and Pierre Far (both of Google), explaining why you should always use HTTPS, not only on “security-related requests”. The talk also features prices and sources of certificates, have a look on the free ones (!) for non-commercial and open-source sites, a quick guideline on how to migrate to HTTPS, why you should use protocol-less URIs in your sites and how this can actually make your sites faster.
Interesting additional information:
- Wikipedia article of SPDY, the HTTP-“modification”, allowing to handle all requests over one connection.
- The article Google’s Online Security Blog – HTTPS as a ranking signal regarding the importance of HTTPS-only-sites in Google’s ranking algorithm.
- Wikipedia article of TLS, the “attacks”-section might be interesting in this context.