{
    "version" : "https://jsonfeed.org/version/1",
    "content" : "news",
    "type" : "single",
    "title" : "HTTPS For All |Digital.gov",
    "description": "HTTPS For All",
    "home_page_url" : "/preview/gsa/digitalgov.gov/bc-archive-content-3/","feed_url" : "/preview/gsa/digitalgov.gov/bc-archive-content-3/2015/06/15/https-for-all/index.json","item" : [
    {"title" :"HTTPS For All","summary" : "With the release of a new dashboard to measure best Web practices in the federal government and the establishment of a government-wide HTTPS Only Standard, the time to make the switch to HTTPS has arrived. Agencies have until December 31, 2016, to make the switch. The move to HTTPS is not only happening in government;","date" : "2015-06-15T10:00:32-04:00","date_modified" : "2025-01-27T19:42:55-05:00","authors" : {"kdaniel" : "Kendrick Daniel"},"topics" : {
        
            "open-data" : "Open data",
            "product-and-project-management" : "Product and project management",
            "security" : "Security"
            },"branch" : "bc-archive-content-3",
      "filename" :"2015-06-15-https-for-all.md",
      
      "filepath" :"news/2015/06/2015-06-15-https-for-all.md",
      "filepathURL" :"https://github.com/GSA/digitalgov.gov/blob/bc-archive-content-3/content/news/2015/06/2015-06-15-https-for-all.md",
      "editpathURL" :"https://github.com/GSA/digitalgov.gov/edit/bc-archive-content-3/content/news/2015/06/2015-06-15-https-for-all.md","slug" : "https-for-all","url" : "/preview/gsa/digitalgov.gov/bc-archive-content-3/2015/06/15/https-for-all/","content" :"\u003cdiv class=\"image\"\u003e\n  \u003cimg\n    src=\"https://s3.amazonaws.com/digitalgov/_legacy-img/2015/06/600-x-400-https-weerapatkiatdumrong-iStock-Thinkstock-520737069.jpg\"\n    alt=\"A small metal padlock rests on a keyboard to represent HTTPS; hypertext transfer protocol secure\"/\u003e\u003c/div\u003e\n\n\n\u003cp\u003eWith the release of a new dashboard to \u003ca href=\"https://pulse.cio.gov/\"\u003emeasure best Web practices\u003c/a\u003e in the federal government and the establishment of a government-wide \u003ca href=\"https://www.whitehouse.gov/sites/default/files/omb/memoranda/2015/m-15-13.pdf\"\u003eHTTPS Only Standard\u003c/a\u003e, the time to make the switch to HTTPS has arrived. Agencies have until December 31, 2016, to make the switch. The move to HTTPS is not only happening in government; it is also becoming the standard in industry as well. \u003ca href=\"https://blog.mozilla.org/security/2015/04/30/deprecating-non-secure-http/\"\u003eFirefox\u003c/a\u003e and \u003ca href=\"https://www.chromium.org/Home/chromium-security/marking-http-as-non-secure\"\u003eChrome\u003c/a\u003e have begun taking actions to phase out HTTP to make browsing more secure.\u003c/p\u003e\n\u003cp\u003eThe use of HTTPS allows browsers to provide a more secure experience to the end user. Many ask why there is a need for HTTPS on all sites, even those that do not collect personally identifiable information (PII). Eric Mill, a technologist at 18F, believes that everything you do online should be secure.\u003c/p\u003e\n\u003cp\u003e“All browsing is private and sensitive,” said Mill. “Anything you do online over an insecure connection opens you up to being tracked or having the website you’re trying to visit spoofed or modified. HTTPS ensures that your activity stays between you and the website you visit. As HTTPS becomes the default for the government and for the Web, browsers can start making stronger assumptions about all websites, and so the use of HTTPS even on less sensitive sites improves security for everyone, including more sensitive sites.”\u003c/p\u003e\n\u003cp\u003eThe HTTPS policy will make HTTPS the default across the federal government, improving the privacy and security of its visitors and API users around the world.\u003c/p\u003e\n\u003cp\u003eAgencies implementing HTTPS can refer to the \u003ca href=\"https://https.cio.gov/\"\u003eCIO Council’s website\u003c/a\u003e for technical guidance and best practices and can contribute to that site and collaborate publicly on HTTPS implementation on \u003ca href=\"https://github.com/GSA/https/issues\"\u003eGitHub\u003c/a\u003e. Anyone with a .gov or .mil email address can participate in an HTTPS support list by \u003ca href=\"mailto:https-help@listserv.gsa.gov\"\u003eemailing the listserv\u003c/a\u003e—leave the subject line empty and add “subscribe https-help” to the body.\u003c/p\u003e\n\u003cp\u003eNorms change quickly. The use of HTTPS ensures the highest level of protection for the government’s end user: the public.\u003c/p\u003e\n"}
  ]
}