We normally think of HTTPS (Hyper-text Transfer Protocol Over TLS) as something e-commerce or banking websites use. There are other types of sites that use it too, (webhosts can, for example, force logins to their user administration panels using https, and any site dealing in the exchange of any personal data is using it if they want to keep their good reputation intact), but banking and e-commerce are the two types of sites most users associate with secure. As of yesterday, Google is strongly encouraging everyone to use it, whether their website has e-commerce functionality or not. Google has indicated both on its Webmaster Central blog and on its Online Security blog that whether or not a site employs https will effect its ranking within Google’s search results.
For now, Google says that the https ranking signal carries very little weight, and will effect only about one percent of all rankings, but it hopes to ramp up in the future, which means that it’s likely that, at some point, if you want high rankings, your going to have to get yourself an SSL certificate, and then either learn how to install and deploy it or get someone to do that for you. It’s not a simple process.
I can see a market segment growing up around this, in both the white-hat and black-hat SEO communities. I can also envision all manner of spam opportunities arising from this, depending on how big it gets, which is something I never thought I’d hear myself say in relation to SSL certificates. I wonder when Google’s going to take the plunge and make Blogger secure?