A group of privacy and security experts sent a letter today urging Google to strengthen its leadership role in web application security. Gmail users opt in to always use HTTPS every time they log in (no need to type or bookmark the “https”) Free, always-on HTTPS is pretty unusual in the email business, particularly for a free email service, but we see it as an another way to make the web safer and more useful. In fact, we’re currently looking into whether it would make sense to turn on HTTPS as the default for all Gmail users.”]
Source: https://security.googleblog.com/2009/06/https-security-for-web-applications.html