Earlier this year at its Worldwide Developer Conference (WWDC), Apple announced Safari 11 and gave audiences a preview of the new features for the browser, including a redesigned error pages for SSL certificate warnings. Safari 11 was officially released last week for macOS and ships with the latest version, High Sierra. The new certificate warning […]
We expect the new CAA requirement to have a small impact on the security and complexity of the web, but we are happy it is an improvement with a low-cost process.
Earlier this year, both Google and Mozilla released versions of Chrome and Firefox with changes to their security indicators and updates for the SHA-1 deprecation. Both browsers feel that these changes will simultaneously help users recognize the risks of entering unsecure HTTP sites and urge site owners to upgrade to secure HTTPS connections. Chrome In […]
Google’s browser will explicitly state HTTP-connected sites are not secure in January 2017.
Google’s Chrome Connection Tab, security icons, and information were confusing for users and too basic for developers; now it is the Chrome Security Panel.
Short-lived certificates are a new innovation that can be used to extend TLS protections to a greater number of users.
The benefits of Google’s new project AMP are obvious, but the concerns warrant careful attention as well.
“This is not a long-term solution as connections are only as secure as the weaker of the two configurations.”
Browsers might deprecate trust for SHA-1 Certificates sooner than initially announced. Switch to SHA-2 now.