Traditionally https was only used when absolutely necessary to protect personal and vital information. Checkout and account registration being the most common. The major reason for a lack of broad implementation was the computational overhead that slowed down performance. With the computational overhead no longer an issue(if you don’t think so please research yourself and test, test, test), what is the proper use in today’s environment.
As I have been working on my sites I have started to come to the conclusion there is absolutely no downside to using it on the entire site for the following summarized reasons.
1) A good EV cert enhances customer confidence (a green address bar is never a bad thing)
2) Search engines still find your products (submitted through feeds anyway)
3) Performance is not an issue any longer
4) If you pay for the cert you may as well use it and get the enhanced credibility
Is my logic flawed? Greater minds than I are on this site, looking forward to feedback.
MM/RC
1 Answer
HTTPS has an overhead on processing power on every request – security considerations or usage pattern left aside. That’s the major downturn (and that it ever was, a question of resources), so you should really ask yourself what do you want to offer to your users.
It’s absolutely valid to SSL everything ™ for your site. That’s very user-friendly indeed.
So if your see for yourself as in 3), that performance is not an issue any longer, go for it! I would rate it as the major downturn, but that’s mostly related to resources and traffic, so if performance is not an issue, offer HTTPS.
User love TLS, it’s a very well accepted principle: secure sites.
