According to a post published yesterday on the official YouTube Engineering and Developers Blog, 97 percent of YouTube’s traffic is now encrypted since the Internet giant began rolling out encryption using HTTPS two years ago. Encrypted traffic increases your security by garbling the data as it travels from servers to your computer, and vice versa, in order to make these transmissions unreadable to rogue parties without an encryption key.
According to Google, HTTPS provides critical security and data integrity.
Enabling encryption for YouTube traffic was quite challenging due to the Google Global Cache serving a massive amount of video, lots of different devices that access YouTube and lots of requests made from any one individual client.
YouTube encryption is hardware accelerated on the network end so users shouldn’t see any discernible difference in streaming quality or speed. And because HTTPS ensures content integrity, “we virtually eliminated many types of streaming errors.”
By the way, ads on YouTube have used HTTPS since 2014.
“We’re also proud to be using HTTP Secure Transport Security (HSTS) on youtube.com to cut down on HTTP to HTTPS redirects,” writes Google. HSTS (not to be confused with the secure HTTPS protocol) improves both security and latency for end users.
“Our HSTS lifetime is one year, and we hope to preload this soon in web browsers.”
And last but not least, some devices that access YouTube do not fully support modern HTTPS—the remaining three percent—so Google will gradually phase out those insecure connections for everyone else’s benefit.
Source: Google