Google announces that HTTPS will be used for ranking
Google announced yesterday that after some favourable testing, they will be adding HTTPS as a ranking signal. Initially the value of this signal will be relatively small in comparison to other signals such as "high-quality content", but this is to allow time for Webmasters to switch their current non-secure sites over. Google are undecided if they will increase the signal's value, but given that a grace period has been handed to Webmasters, the change should happen.
The news has had mixed reactions within the Webmaster community with some Webmasters voicing opposition, stating that sites containing static information shouldn't need to secure the content. However it's not about just securing the transmission of data from client to server, it's about securing all transmissions.
Google has pointed out three key layers of protection that an encrypted connection provides, Encryption, Data integrity and Authentication. These layers are what the users gain when using a secure connection. Encryption stops the external analysis of data, Data Integrity guarantees that the data hasn't been manipulated, and Authentication proves that the site is who they say they are.
Other Webmasters have suggested that certain SEO spam tactics may also be impacted. The additional certificate costs involved with the bulk creation of dummy domains may render this tactic too expensive and time consuming. This would in theory make the dummy domain results sink to the bottom, while the verified secure sites float to the top.
Taking Google's HTTPS everywhere stance into account, one would expect that down the track Google may start giving ranking preference to a secured site (with a marginally lower result score) over an insecure site with a higher score, just to try and protect the end user.