WordPress.org is now delivered over SSL. I saw an exchange between John Turner and Pippin Williamson that noted the change, visible as the default result in Google’s search engine results.
@johnturner No, it's new
— Pippin Williamson (@pippinsplugins) March 6, 2014
If you visit WordPress.org over Http, it won’t redirect you to Https yet, but Google is indexed that way, and I assume that eventually all visitors may get redirected.
Why is SSL important?
I really like the way Zack from The Theme Foundry described SSL and why it’s important when they announced their switch a couple of weeks ago:
An SSL connection encrypts all the data that is passed between your browser and our web server. This prevents someone from intercepting those communications. SSL is like two people talking in a private room. Unencrypted connections of the http variety are like talking in a crowded bar, where anyone on the network can listen in. As the web matures, and attacks get more sophisticated, SSL is becoming more and more important.
Yeah, all of WordPress.org will be 100% forced SSL soon. There are just some more bugs we have to work out (mixed content, etc.), but we’re getting there. A number of us have been forcing SSL for ourselves for a month or two now in order to fix the kinks as we find them.
I’ve been using WordPress over https for quite a while now (forcing it with the HTTPS Everywhere addon for Firefox and Chrome)
This is definitely a good change to force it implicitly by WordPress itself.
I say SSL all the things 😉 We’re going to change as many of our own sites to SSL as possible this year as well. Perhaps a good time to change PostStatus to a version without the www and with the HTTPS too? 😉
One of the main benefits of using SSL is actually full support for the SPDY protocol, which drastically speeds up a lot of the site. Try using https on the site in Chrome. Makes a big difference.