HTTPS provides validation and encryption, two important pieces of security. Using it for everything is possible but costly, and issues would remain.
I recently switched Ask Leo! to SSL, partly as a statement and partly for fun. I’ll explain a little of what goes on behind the scenes.
A secure website means the site owner has jumped through the technical hoops necessary to qualify for https. Safety is another thing all together.
Once you are out of https pages you are out of encryption. But there is one good way to secure all your online activities.
Using a bunch of mathematical magic, a key pair is generated. But that’s just where the fun starts.
If you can turn http into https and it works, that means that the site has a security certificate. So why aren’t they using it?
https should be safe as long as the padlock icon indicates that the certificate is correct. That proves that you’re visiting the site that you believe you are. If you don’t see it, you should be concerned.
Often, when a secure https site is fetching images from its unsecure http counterpart your browser will flash a security warning. It’s common, but is it something to worry about?
Setting up an https secure website is both simple, and complex. The HTML doesn’t really change but you’ll need different hosting for the secure layer as well as a certificate to provide the security of https.