Submission + - Google Activates Forward Secrecy SSL Feature (eff.org)
esocid writes: Google has now enabled "forward secrecy" by default on all its search-traffic. What that means is that part of the key needed to decrypt the traffic is never stored, so that in the event of a security breach at Google, older, intercepted traffic can't be descrambled.
Other web sites have implemented HTTPS with forward secrecy before [...] but it hasn’t yet been rolled out on a site of Google’s scale. Some sites have publicly resisted implementing forward secrecy because it is more CPU intensive than standard HTTP or HTTPS. In order to address that problem, Google made improvements to the open source OpenSSL library, and has incorporated those changes into the library for anybody to use.