Six Reasons http Will Become a Thing of the Past
Uploaded by: cascouncil
Category: Technology
Transcript of Six Reasons http Will Become a Thing of the Past
6 REASONS HTTP WILL BECOME A THING OF THE PAST
Reason #1: Browsers Will Warn Users of Non-HTTPS Connections
Chrome plans to warn users when pages are insecure (non-HTTPS), and will display the words “Not Secure” if an insecure page asks for a password or credit card
Firefox plans a similar warning for sites requiring passwords and credit cards
Both will transition to a more noticeable red triangle
Firefox Warnings
When passwords are requested over http:
https://blog.Mozilla.org/tanvi/2016/01/28/no-more-passwords-over-http-please/
http-password.badssl.com (DevEdition 46+)
http-password.badssl.com (DevEdition 45)
Chrome to Present Similar Warnings
https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html
Treatment of HTTP pages with password or credit card form fields:
Current (Chrome 53): login.example.com
Jan. 2017 (Chrome 56): login.example.com, marked “Not secure”
Reason #2: Powerful Features Only on HTTPS
Encrypted Media Extension (DRM)
See: https://www.chromium.org/Home/chromium-security/deprecating-powerful-features-on-insecure-origins
Geolocation (Chrome 50)
Device Motion/Orientation
Fullscreen
getUserMedia (Camera/Mic)
Reason #3: HTTP/2 Over HTTPS Only
Chrome, Firefox, IE, Edge, Safari, Opera test comparison
[Charts: HTTP/2 vs. HTTP/1.1, latency (in milliseconds) and load time (in seconds)]
See: https://http2.akamai.com/demo
Reason #4: Improved Referrer Data
Use HTTPS for your own site and improve your referrer data!
HTTP Website Operator:
Source (HTTPS):
Reason #5: Gmail Showing Encryption Indicators
SMTP TLS Connection GUI in Gmail
Use publicly trusted certs for mail servers
NO ENCRYPTION WITH ENCRYPTION CERTIFICATE
82% of mail servers don’t have a publicly trusted SSL cert yet, according to Netcraft
Reason #6: HTTPS is Coming to a Domain Near You
Out of all 1166 .gov domains (as of 10/17/16):
56% use https
46% participate in the digital analytics program
What Do These Mean?
Symbols That Are Consistent, Universal, Global, No Learning Curve!
Consistency Matters
Copyright © 2014 Symantec Corporation
CASC Predictions
Certificate usage will continue to grow: 6.5 to 7.5M in 12 months, fueled by https initiatives (search ranks, powerful features, negative browser UI)
SNI servers will show increased growth
SHA-1 usage will decline dramatically (and so will XP!)
Phishing using DV certs will continue to increase
Chrome will be on the bleeding edge of changes and enforcements
IPv6 will finally be adopted for CRL and OCSP lookups
Q&A