QR Code contains TinyURL of this article.TLS Adoption is Growing, Fast

One of the Perpetual βeta housekeeping tasks I run (semi) frequently, is a site-wide check of hyperlinks, internal and external, with the Integrity app.

Integrity reports broken links. I then investigate each one and attempt to determine if the linked resource has permanently disappeared — in which case I’ll try to find an alternative resource — or temporarily, which I’ll leave alone.

Amongst the reports that Integrity produces is a list of all redirected links on a site. So, if a resource has moved — and the webmaster’s on top of her game — the target website will have instructions to redirect calls to the old address ‘old-example.htm’ to the new address ‘new-example.htm’. A process that is effectively transparent at the client side.

I usually replace re-directed source links on Perpetual βeta with the destination address the redirect results in, as this removes just that little bit of latency and fractionally eases the load on the target server.

As it happens, I hadn’t run Integrity for some time (six months at a guess). So I recently fired up the app and let it analyse the Perpetual βeta. In the results two things struck me. The first was that there were only half-a-dozen broken links (which is certainly a surprise considering the usual atrophy of the Web). The second was a disproportionately high number of redirects on the Perpetual βeta’s 1,700+ hyperlinks.

Had half the Web relocated? Had I missed a significant Internet event?

Actually, the answer to both questions was, “yes, kinda.”

Almost every single one of these redirects was a protocol change from the plain-text, unsecured HTTP to the encrypted HTTPS.

It’s amazing to see so much of web adopting TLS and so quickly. Just two or three years ago this would have been unthinkable. Webmasters were able to argue against TLS deployment with good reason: cost; expensive processor cycles for encryption/decryption; implementation barriers (including those of getting advertisers and other third-parties on-board); and so on.

Yet here we are, with a Web where now it seems that HTTP is odd man out, rather than its counterpart.

The efforts of parties like Let’s Encrypt — in making TLS effectively free — combined with concerns raised by the Snowden leaks and growing revelations of state-sponsored surveillance; in conjunction with players like Google touting increased search relevance to secure websites; and now vendors revealing plans for, or deployment of, browsers that highlight unsecured websites… all are, I’m sure, factors in the increasing dominance of TLS-secured Web properties.

It’s taken us a long time to get here, but we should all be grateful that we are, and that the rate of TLS adoption continues.