[GNC] Site certificate expiry warning
Dr. David Kirkby
drkirkby at kirkbymicrowave.co.uk
Thu Mar 30 14:29:12 EDT 2023
On Thu, 30 Mar 2023 at 19:03, Michael or Penny Novack <
stepbystepfarm at comcast.net> wrote:
>
> > "Here are the criteria for a URL to rate as good in page experience
> status
> > in Google Search::
> >
> > - *Failed:* The URL is served using HTTP, not HTTPS.
> >
> > So it seems to me that the argument that a website does not collect
> > personal information, so does not need HTTPS, is flawed. You can argue
> the
> > technical merits of Google's approach, but it does seem to be the case
> that
> > the use of HTTPS is a good thing if you want the website to do well in
> > Google.
>
> Except you seriously misunderstand the difference between HTTP and HTTPS.
>
I do know the difference.
> This has nothing to do with the capability of collecting personal
> information. It has to do with the SECURITY of what is transmitted. In
> other words, IF personal data were collected by a site using HTTP it
> would be insecure during transmission. Therefore a site should not be
> collecting personal data without being HTTPS.
>
> Google is down rating sites using HTTP because it doesn't know what the
> site is doing (collecting personal data or not). It is telling users
> "this site less safe" because IF the site is collecting personal
> information would be less secure.
>
But that still means if you want to do well in Google, you maximise your
chances if you use HTTPS. Even if you have a completely static website,
with no possibility of a user entering even an email address or name.
>
> Michael D Novack
>
Dave
More information about the gnucash-user
mailing list