We expect the new CAA requirement to have a small impact on the security and complexity of the web, but we are happy it is an improvement with a low-cost process.
Earlier this year, both Google and Mozilla released versions of Chrome and Firefox with changes to their security indicators and updates for the SHA-1 deprecation. Both browsers feel that these changes will simultaneously help users recognize the risks of entering unsecure HTTP sites and urge site owners to upgrade to secure HTTPS connections. Chrome In […]
Google’s browser will explicitly state HTTP-connected sites are not secure in January 2017.
Google’s Chrome Connection Tab, security icons, and information were confusing for users and too basic for developers; now it is the Chrome Security Panel.
Short-lived certificates are a new innovation that can be used to extend TLS protections to a greater number of users.
The benefits of Google’s new project AMP are obvious, but the concerns warrant careful attention as well.
“This is not a long-term solution as connections are only as secure as the weaker of the two configurations.”
Browsers might deprecate trust for SHA-1 Certificates sooner than initially announced. Switch to SHA-2 now.
Mozilla released Firefox 42 with an initiative to improve the privacy and security experience for the average user.