![]() |
Google Chrome Browser to Warn Users of Sites That Don't Use HTTPS
Google hopes that the warnings it sends to Chrome browser users will encourage websites to move to the secure HTTP protocol.
Google plans to introduce a warning system to alert users about potential security risks when they visit websites that do not use the HTTPS protocol. Starting in 2015, users of Google?s Chrome browser who visit an HTTP site will receive an alert that the site may not be fully secure. Initial alerts will simply mark a non-HTTPS site as having ?Dubious? security but at a future date, Chrome will start labeling such sites as ?Non-secure." Google Chrome Browser to Warn Users of Sites That Don't Use HTTPS ===== Marking HTTP As Non-Secure Proposal We, the Chrome Security Team, propose that user agents (UAs) gradually change their UX to display non-secure origins as affirmatively non-secure. We intend to devise and begin deploying a transition plan for Chrome in 2015. The goal of this proposal is to more clearly display to users that HTTP provides no data security. Request We?d like to hear everyone?s thoughts on this proposal, and to discuss with the web community about how different transition plans might serve users. Background We all need data communication on the web to be secure (private, authenticated, untampered). When there is no data security, the UA should explicitly display that, so users can make informed decisions about how to interact with an origin. Roughly speaking, there are three basic transport layer security states for web origins: Secure (valid HTTPS, other origins like (*, localhost, *)); Dubious (valid HTTPS but with mixed passive resources, valid HTTPS with minor TLS errors); and Non-secure (broken HTTPS, HTTP). Marking HTTP As Non-Secure - The Chromium Projects |
Google is what's dubious.
|
anyone who is using google chrome is crazy............
|
Quote:
|
Quote:
|
already tried to set https, its kinda difficult.
but gotta go with flow. if anyone cant afford the ssl cert, just use cloudflare and set all yours internal links to https and force users to https. |
chrome is ram monster now days for me, ff much faster
|
Quote:
|
TLS, no problemo really ...
|
All times are GMT -7. The time now is 04:30 PM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123