{
    "version" : "https://jsonfeed.org/version/1",
    "content" : "news",
    "type" : "single",
    "title" : "DotGov Domain Registration Program to Provide HTTPS Preloading in May |Digital.gov",
    "description": "DotGov Domain Registration Program to Provide HTTPS Preloading in May",
    "home_page_url" : "/preview/gsa/digitalgov.gov/cm-topics-button-component/","feed_url" : "/preview/gsa/digitalgov.gov/cm-topics-button-component/2017/04/12/dotgov-domain-registration-program-to-provide-https-preloading-in-may/index.json","item" : [
    {"title" :"DotGov Domain Registration Program to Provide HTTPS Preloading in May","summary" : "Effective May 15, 2017, GSA’s DotGov Domain Registration Program will begin providing HSTS Preloading services for federal agencies. This new service helps ensure that visitor communication with .gov websites is not modified or compromised, and hostile networks cannot inject malware, tracking beacons, or otherwise monitor or change visitor interactions online.","date" : "2017-04-12T14:19:47-04:00","date_modified" : "2024-04-02T09:45:13-04:00","authors" : {"marina-fox" : "Marina Fox","eric-mill" : "Eric Mill"},"topics" : {
        
            "content-strategy" : "Content Strategy",
            "domain-management" : "Domain Management",
            "product-and-project-management" : "Product and project management",
            "security" : "Security"
            },"primary_image" : { "uid" : "https-padlock-weerapatkiatdumrong-istock-thinkstock-520737069-comp", "alt" :
  "A small metal padlock rests on a keyboard to represent HTTPS; hypertext transfer protocol secure.", "width" :
  "1200", "height" :
  "630", "credit" :
  "", "caption" :
  "weerapatkiatdumrong, iStock, Thinkstock", "format" :
  "png" },"branch" : "cm-topics-button-component",
      "filename" :"2017-04-12-dotgov-domain-registration-program-to-provide-https-preloading-in-may.md",
      
      "filepath" :"news/2017/04/2017-04-12-dotgov-domain-registration-program-to-provide-https-preloading-in-may.md",
      "filepathURL" :"https://github.com/GSA/digitalgov.gov/blob/cm-topics-button-component/content/news/2017/04/2017-04-12-dotgov-domain-registration-program-to-provide-https-preloading-in-may.md",
      "editpathURL" :"https://github.com/GSA/digitalgov.gov/edit/cm-topics-button-component/content/news/2017/04/2017-04-12-dotgov-domain-registration-program-to-provide-https-preloading-in-may.md","slug" : "dotgov-domain-registration-program-to-provide-https-preloading-in-may","url" : "/preview/gsa/digitalgov.gov/cm-topics-button-component/2017/04/12/dotgov-domain-registration-program-to-provide-https-preloading-in-may/","content" :"\u003cp\u003e\u003cstrong\u003eEffective May 15, 2017, GSA’s DotGov Domain Registration Program will begin providing HSTS Preloading services for federal agencies.\u003c/strong\u003e HSTS stands for HTTP Strict Transport Security (or HTTPS, for short). This new service helps ensure that visitor communication with .gov websites is not modified or compromised, and hostile networks cannot inject malware, tracking beacons, or otherwise monitor or change visitor interactions online.\u003c/p\u003e\n\u003cdiv class=\"image\"\u003e\n  \u003cimg\n    src=\"https://s3.amazonaws.com/digitalgov/_legacy-img/2015/06/600-x-400-https-weerapatkiatdumrong-iStock-Thinkstock-520737069.jpg\"\n    alt=\"A small metal padlock rests on a keyboard to represent HTTPS; hypertext transfer protocol secure\"/\u003e\u003cp\u003eweerapatkiatdumrong/iStock/Thinkstock\u003c/p\u003e\u003c/div\u003e\n\n\n\u003cp\u003eAs part of this new service, any \u003cstrong\u003efederal government \u003cu\u003eexecutive branch\u003c/u\u003e .gov domain\u003c/strong\u003e, created \u003cstrong\u003eafter May 15, 2017, will be automatically registered as HTTPS-only\u003c/strong\u003e in modern web browsers through HSTS preloading. This change will affect all web services hosted on these domains (including subdomains and internal sites). Existing executive branch federal .gov domains, including the ones up for renewal, will \u003cstrong\u003enot be\u003c/strong\u003e affected by this change.\u003c/p\u003e\n\u003cp\u003eOnce new .gov executive branch federal domains are registered as HTTPS-only, agencies MUST obtain and deploy HTTPS certificates to enable to access the websites hosted on these domains. Visitors will \u003cstrong\u003enot be\u003c/strong\u003e able to click through certificate warnings if the certificates expire or do not exist on those websites. \u003ca href=\"https://https.cio.gov/certificates\"\u003eLearn how to obtain HTTPS certificates\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eFor more details about the HSTS Preloading Service, check out the links below:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://get.gov/help/security-best-practices/#preload-your-domain\"\u003eHSTS Preloading best practices on dotgov.gov\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.cio.gov/2017/01/19/automatic-https-enforcement-new-executive-branch-gov-domains/\"\u003eThe original public announcement of this change\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://https.cio.gov/hsts\"\u003eGSA’s guidance on HTTPS, HSTS, and preloading\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIf you have any questions or concerns, please \u003ca href=\"mailto:registrar@dotgov.gov\"\u003eemail the DotGov Registrar\u003c/a\u003e, or call \u003ca href=\"tel:877-734-4688\"\u003e1-877-734-4688\u003c/a\u003e (toll-free) or \u003ca href=\"tel:703-948-0723\"\u003e1-703-948-0723\u003c/a\u003e (direct).\u003c/p\u003e\n"}
  ]
}