However, the reassuring green "https" in the browser's address field will remain reserved for fully encrypted pages.
Mixed-content errors are commonplace, appearing on websites that are fully encrypted with modern cryptography but also contain elements that are not encrypted. These errors often come from text-based or banner ads that are served by third-party companies with no encryption. Only a handful of ad networks provide an encrypted service (though Google itself does), despite the security benefit it offers, such as preventing man-in-the-middle attacks.
Google said its new three-state security system -- which now combines HTTP with HTTPS with minor errors -- will help represent the secure state of a website more accurately to the user.
Google's Lucas Garron and Chris Palmer explained: "We've come to understand that our yellow 'caution triangle' badge can be confusing when compared to the HTTP page icon, and we believe that it is better not to emphasize the difference in security between these two states to most users. For developers and other interested users, it will still be possible to tell the difference by checking whether the URL begins with 'https://'."
Garron and Palmer said the company's goal is for two eventual states: secure, and not secure.
CloudFlare chief executive Matthew Prince explained in a conversation in our New York newsroom -- among other things -- last week that moving away from mixed-content warnings would help make the internet more secure in the long run.