HTTPS Should Be The Standard For All Government Sites, Says U.S. CIO

HTTPS Should Be The Standard For All Government Sites, Says U.S. CIO

The CIO of united states has proposed a plan to make HTTPS the standard for all government and authority websites.

"The majority of Federal websites use HTTP as the primary protocol to communicate over the public internet. Unencrypted HTTP connections create a privacy vulnerability and expose potentially sensitive information about users of unencrypted Federal websites and services. Data sent over HTTP is susceptible to interception, manipulation, and impersonation. This data can include browser identity, website content, search terms, and other user-submitted information."

CIO pointed out, "Many commercial organizations have adopted HTTPS or implemented HTTPS-only policies to protect visitors to their websites and services. Users of Federal websites and services deserve the same protection."

The proposal says the plan is a Cost Effective Implementation. "Implementing an HTTPS-only standard does not come without cost. A significant number of Federal websites have already deployed HTTPS. The goal of this proposal is to increase that adoption."

It also suggests technologies like, Server Name Indication, Strict Transport Security and Domain Name System Security to make the user side more secure as well as the server side.

No comments

Powered by Blogger.