HTTP is dead. Here’s why, and what you need to know to migrate to HTTPS.
Delivered to WordCamp US in Philadelphia on December 5, 2015.
Detailed guide: https://docs.google.com/document/d/1EJKAoa4Hxc4AyH0znuA_AAplcNeNejEhATFptFX-OME/edit
10. Marking HTTP As Non-Secure
We, the Chrome Security Team, propose that user
agents (UAs) gradually change their UX to
display non-secure origins as affirmatively
non-secure. We intend to devise and begin
deploying a transition plan for Chrome in 2015.
The goal of this proposal is to more clearly display
to users that HTTP provides no data security.
11. Marking HTTP As Non-Secure
We, the Chrome Security Team, propose that user
agents (UAs) gradually change their UX to
display non-secure origins as affirmatively
non-secure. We intend to devise and begin
deploying a transition plan for Chrome in 2015.
The goal of this proposal is to more clearly display
to users that HTTP provides no data security.
12.
13. Deprecating Non-Secure HTTP
Today we are announcing our intent to phase out
non-secure HTTP.
There are two broad elements of this plan:
1. Setting a date after which all new features will be
available only to secure websites
2. Gradually phasing out access to browser
features for non-secure websites, especially
features that pose risks to users’ security and
privacy.
14. Deprecating Non-Secure HTTP
Today we are announcing our intent to phase out
non-secure HTTP.
There are two broad elements of this plan:
1. Setting a date after which all new features will be
available only to secure websites
2. Gradually phasing out access to browser
features for non-secure websites, especially
features that pose risks to users’ security and
privacy.
15. Deprecating Non-Secure HTTP
Today we are announcing our intent to phase out
non-secure HTTP.
There are two broad elements of this plan:
1. Setting a date after which all new features will be
available only to secure websites
2. Gradually phasing out access to browser
features for non-secure websites, especially
features that pose risks to users’ security and
privacy.
19. A Call to Action
If you run a news site, or any site at all, we’d like
to issue a friendly challenge to you. Make a
commitment to have your site fully on HTTPS by
the end of 2015 and pledge your support with
the hashtag #https2015.
—Eitan Konigsburg, Rajiv Pant and Elena Kvochko
“Embracing HTTPS”
November 13, 2014
105. Many graphics from The Noun Project
Tombstone by Jakob Wells. Congress by Martha Ormiston.
Shield by Wayne Thayer. Snail by aLf. Server by Yazmin
Alanis. SEO by Azis. Money by Nick Levesque. Warning by
Icomatic. Shopping cart by Patrizia Daidone. Lock with
keyhole by Brennan Novak. Scribble by Michael Chanover.
Calendar by Mani Amini. Error by Anas Ramadan. Network by
Stephen Boak. Hat based on work by Blake Kimmel.