Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Google wants to turn browser signals of Web encryption upside down

Gregg Keizer | Dec. 23, 2014
Proposes that browser makers collaborate in explicitly marking unencrypted traffic as unsafe.

Mozilla, Barnes also noted, has backed Let's Encrypt, a project to deliver free security certificates, making encryption possible for small websites.

Those certificates would be important. If browsers marked HTTP as not secure, website owners would want to avoid the warnings -- afraid they would scare off visitors -- and so need a certificate to encrypt their traffic. That's clearly Google's aim: The proposed HTTP signals would be the stick to make that happen.

Google has been aggressively promoting HTTPS, notably on its own properties, including its search engine and Gmail, but it's also wielding clubs other than the new proposal. In August, for instance, Google said it may lower the search ranking of websites that aren't encrypting connections with TLS.

Large swaths of the Internet would have to move to HTTPS to avoid the negative browser signals and public shaming under Google's concept, as most major players don't encrypt their primary domains. Neither nor use HTTPS, for example, although parts do, including their online stores and some of their services, like Microsoft's and Apple's iCloud.


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.