Tripwire Guest Authors
Nov 12, 2014
Encrypt all the websites!
SSL is everywhere—or at least major security supporters want it to be. The EFF has long pushed HTTPS Everywhere through browser extensions. ‘SSL Verified’ icons can be found embellishing retail sites of every size, and even Google is supporting efforts by giving SSL-secured sites a boost in search ranking.
As HTTP/2 makes its way toward standardization, it has made optional the requirement for SSL/TLS communications, but browsers that support the would-be standard are taking a stand and are supporting only HTTP/2 over SSL/TLS.
SSL will be everywhere and you will like it.
But is it really making us safer? While it’s certainly difficult to argue against securing any and all communications, we may be doing a disservice to users by promoting SSL encrypted sites as the be-all and end-all of safety.
Full Article.
A Dyre Warning About Canonizing Encryption
+54
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.