Makes sense. The reason seo spam is effective is because it's so cheap to get a new site (or ten thousand new sites) up and running. If you make that cost $50 per domain for the ssl cert, that will help ensure all those sites sift nicely down to the bottom of the rankings.
Bonus points if they allow a single bad site to tarnish the reputation of all sites under a milti domain cert.
We could have had this from the start if domain names weren't essentially free via domain tasting. But hey, better late than never.
I do agree, however remember that you can get SSL certs from $9 (e.g. from NameCheap). You might be able to pay lower if you shop around too.
Also even if it was used as a fairly strong ranking signal, if Google still approach their rankings like they do now, spammers might still have sufficient ranking 'weight' to overcome a lack of SSL certificate.
Don't forget you have to manage your certs. It's an extra burden.
Let's say I am a freelancer, I make website for small restaurant. Until now I could make a website with frontpage, menu and gallery put it on a server and be done with it and collect a monthly fee.
Now, you have to manage the cert, that is say every year re-issue a new cert and invalidate the old. It adds costs. Without much if any benefits for some class of websites.
I'm a freelance web developer for dozens of restaurants. They pay for the site, then a yearly hosting fee every year after launch. They get a basic CMS so they can update their hours/menus/etc.
I host all their sites on a few VPS servers. Some of my contracts require support for IE 7 or IE 8 on Windows XP, and those browsers don't support SNI. So in addition to what you've mentioned - maintaining certificates and losing more of what little money I make on hosting (I basically charge a small % of the VPS cost plus a few hours' worth of work), I now will need to figure out another solution. It seems like a waste to spin up a new VPS for each site that requires XP support.
Clients look at the <10% of visitors coming from Safari and IE7+8 on XP and say "those are potential customers." It's difficult to argue with that.
For now though, I'm going to do nothing new. All indications are that HTTPS is going to be maybe 1% of the ranking, and I know my market well enough that the sites rank highly for local searches - which is the important part. They're responsive and they've all got social media presences, so until SSL is more important for PageRank, I'll wait it out.
A few people I've talked with told me the same. For now they won't care. But as told me a friend, if too much client start to ask for it will be troubles for him.
But that is to be kept in mind :
"But over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web."
Bonus points if they allow a single bad site to tarnish the reputation of all sites under a milti domain cert.
We could have had this from the start if domain names weren't essentially free via domain tasting. But hey, better late than never.