Trust on the internet is derived from Certificate Authorities that issue digital certificates to verify that users are actually visiting legitimate sites. Over the years, Google and other browsers have removed authorities that fail to be up to par, with Chrome now pushing a new Certificate Transparency Policy that comes into effect today.
https Stories May 1
https Stories January 26, 2017
Google is now operating its own Root Certificate Authority to increase product security
Noting the foundational importance of HTTPS in the evolution of the web going forward, Google is now operating its own Root Certificate Authority. Responsible for authenticating the identity of websites, Google Trust Services will operate certificates on behalf of Google and Alphabet.
https Stories September 8, 2016
Deal: Get Pixelbook at 25% off: $750!
https Stories August 1, 2016
https Stories January 27, 2016
Chrome 48 beta’s new Security Panel in DevTools makes it easier to create HTTPS pages
Google has announced that it’s rolling out a new feature in Chrome 48 beta so that developers can better find and fix issues hindering their sites from showing as ‘secure’. The new Security Panel in DevTools will help web developers deploy HTTPS web pages more easily by showing connection information for every network request, and indicating whether or not they’re secure.
Devs will be able to see an overview of any given page. Secure pages will be indicated as such by a green lock, or green dot. Non-secure pages will have a yellow/orange triangle and will have information indicating why that particular page isn’t classed as secure.
This overview shows whether the page has a valid certificate, a secure TLS connection, as well as whether or not there’s any mixed content (aka if it loads insecure HTTP subresources). If there is mixed content, you can easily see what it is, and fix it.
Google launched the new Security Panel to replace the old ‘Connection Info’ tab which the company stated was too complicated for most users, but too basic for most devs. It didn’t make it clear exactly what was causing a site or page to show as non-secure.
Security Panel was originally shown off at the Chrome Dev Summit, where Emily Stark, a Google software engineer showed off the new tool in detail:
Security Panel in DevTools will begin its rollout over the next few days.
https Stories January 22, 2016
Google rolling out HTTPS cached website pages for HTTPS-enabled sites
HTTPS has become the rule, rather than the exception to the rule, in recent years. And in an effort to usher in the encrypted and more-secure communication protocol, Google announced last month that it would begin prioritizing HTTPS sites over HTTP sites when indexing the web. Unsurprisingly, Google is also slowly-but-surely making sure all of its own web properties use HTTPS over standard HTTP. Google’s cached pages available on the search site are now part of the club…