The internet today is filled with hidden dangers and countless traps, and HTTPS can help you avoid some of them. However, the HTTPS ecosystem relies heavily on Certificate Authorities (CAs), which have long faced several criticisms: certificates are expensive; the process is opaque; and serious security issues exist, such as breaches leading to the issuance of fake certificates or mistakenly issuing certificates used for man-in-the-middle attacks.
The emergence of Certificate Transparency policies and Let's Encrypt has had a revolutionary impact on the HTTPS ecosystem.
Computer scientists from Carnegie Mellon University published a paper on a preprint website analyzing the impact and adoption of Let's Encrypt. Let's Encrypt aims to popularize HTTPS by offering free, automatically configured certificates, and it now issues 55,000 certificates a day.
The researchers analyzed Certificate Transparency logs, the distribution of domains using Let's Encrypt certificates, and the Alexa rankings of these domains, covering the period from September 17, 2015 to May 15, 2016.

They found that Western European countries had the highest proportion of websites using Let's Encrypt certificates, followed by North America, Japan, Singapore, and Russia. China did not rank among the top 20, suggesting relatively low adoption. Some websites abandoned their existing certificates and switched to using Let's Encrypt certificates.
CA User Attrition Rate
CA User Attrition Rate
As shown in the chart, the two CAs that lost the most customers were COMODO and StartCom. Notably, new certificates from StartCom have recently been distrusted by multiple browsers. The vast majority of websites using Let's Encrypt certificates are ranked below the top 100,000 in Alexa rankings. This “heavy-tailed distribution” phenomenon shows that Let's Encrypt is indeed helping to popularize HTTPS.
Virus scans of websites using Let's Encrypt certificates found that a small number were categorized as malicious, suggesting that some site owners might be attempting to exploit HTTPS to gain user trust.
Furthermore, according to Google, statistics from Chrome users show that over half of the pages loaded by desktop users are now served over HTTPS, and they spend two-thirds of their total browsing time on HTTPS pages. HTTPS adoption is lower on mobile devices but is also showing an upward trend.
Additionally, Mozilla also reported last month that half of the pages loaded by Firefox users had HTTPS