Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Will browsers someday mark all HTTP pages as insecure?

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

December 16, 2014

Click here to order the best deal on a HP enterprise dedicated server and at a great price.

Google's Chrome Browser security team has started a new debate on whether browsers should someday mark all HTTP pages as insecure.

And when you think of it, it would make some sense since after all, more security sure is better than not enough.

“We propose that user agents (UAs) gradually change their UX to display non-secure origins as affirmatively non-secure,” the team wrote today in a blog post.

It says the team's goal “is to more clearly display to users that HTTP provides no data security because all we need is data communication on the web to be secure (private, authenticated, untampered).”

If users aren't enjoying good security, the team suggests, browsers “should explicitly display that, so users can make informed decisions about how to interact with an origin.”

The team also points out that HTTPS traffic usually produces a change to the user interface notification, yet insecure HTTP traffic does not.

The team proposes that browsers instead define and inform users of three security levels:

  • Secure (valid HTTPS, other origins like (*, localhost, *)
  • Dubious (valid HTTPS but with mixed passive resources, valid HTTPS with minor TLS errors)
  • Non-secure (broken HTTPS, HTTP)
  • The post's authors have thrown the topic open to debate, posting to several influential mailing lists to gather some feedback.

    However, the Chromium team seem intent on the change-- the post says “We intend to devise and begin deploying a transition plan for Chrome sometime in 2015.”

    Source: Google's Chrome Project.

    Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

    Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
    Copyright © Internet    Terms of use    Privacy agreement    Legal disclaimer