600,000. According to Netcraft, there are about 600,000 SSL sites out there on the public internet, and we just recently tipped over that arbitrary, but pleasantly round, number.
I’m not sure why, but when I tell people this (people, that is, who have any hope of being interested in such things; a small, biased, statistically indefensible sample,) they are surprised. I think mostly they expect the number to be higher. And in actual fact, it probably is, at least a little bit. I am reasonably certain, without even looking into them, that Netcraft’s methods are more prone to type-2 errors – false negatives – than they are to false positives. Nevertheless, it’s probably the right order of magnitude. There are almost certainly less than a million, for instance.
Netcraft doesn’t publish any numbers it may gather about the ratio, in that group, between DV, OV, and EV certs, but the informal vibe I get leads me to believe that there are around 2000 EV certs out there at the moment. Given that several of these have gone to extremely high traffic domains, though, that number probably under-represents their network significance.
I bring these numbers up here because they seem to surprise people, and surprises are generally more instructive than confirmations. In the last couple weeks, a fair number of surprising numbers have flitted across my radar, so I figured I would rehash a couple here, with no particular (conscious) effort to weave a narrative into them beyond, “hey look, infoporn!” Continue reading →