[yvan]

For our media website, it took us one year before we could move to HTTPS, mainly because of the AdServers which wasn't ready. We had to talk to each ad provider in order to ask them to upgrade to HTTPS. Unfortunately as media companies have most of their revenue from ads you just can't switch like that.

Also, features that are now available once the HTTPS by default on a website, is the AMP, Notifications, HTTP2 (faster loading) and, of course, the little advantage that Google gives to the HTTPS websites.

[_ak]

Google started the process of enforcing HTTPS on AdX about 2.5 years ago. Not implementing HTTPS in that large timeframe is rather inexcusable. It's just technical debt that you need to acknowledge, and then get rid of it.

[yvan]

Nowadays an Ad Server can call another one and so one, due to programmatic. So you might have one Ad server enforcing and serving their tags in HTTPS, but in the end the little local Ad Server which is part of a bigger network doesn't have the HTTPS and so his material isn't delivered.