You will be shown as "unsafe" on your HTTP site

The other day, the Google Chrome security team announced Plans to display "unsafe" mark on non-HTTPS sites
About posting on the website for developers.
It is said that the current HTTPS site is only about 33% in the Internet, and such a way is rippling in reports and the web community as "this can lead to user confusion".
20141222 Chrome will say that nonsecure http?

In this article, I will summarize the situation related to this announcement and how the site administrator should think.


Currently, Google strongly recommends that the site be HTTPS

Background to the presentation

"Reflect whether it is HTTPS in search ranking"
We are announcing the policy.
However, regarding this policy
"I will strengthen it over a long time from now" 
"Impact range is less than 1% of all search queries"
It is also thought that there is not much influence yet.
Under these circumstances, this content suggested by the Chrome security team is thought to be going forward one more piece in order for Google to "take over HTTPS over time".

The content of this time is "Proposal" to the last

However, the content of this proposal is "proposal" to the last, and it seems that Chrome is not yet implementing such specifications yet .
On the Google Chrome developer site that posted the proposal , it is written as follows.
· It will move in the direction to develop a specification change plan at Chrome in 2015 and then start deploying · Changes in specifications are gradually advanced · Whether this specification change is beneficial to users depends on the development community and users Continue discussions · When and how to display the display will also be decided based on discussion

The current state of the Internet and Google's speculation

Let's look back over the past history of HTTPS.
As mentioned earlier, the proportion of HTTPS-compliant sites is still relatively small, and in BBC reports it is said to be about 33% of all Internet sites .
For this reason, this news can also be read as follows.
· Google wants to convert nearly all the sites listed in the search results into HTTPS · I want to give the site administrator a preferential treatment of HTTPS site to start HTTPS · However, making HTTPS is troublesome, site administrator is quite Do not raise heavy waist · So, Google is putting more pressure on site administrators with various information

Market response and Google's response

Due to this situation, several concerns have come up in various places, including from SEO media to BBC, following this Google's announcement.
In addition,
"Doing that would create user confusion"
There is also concern that.
In response to this reaction, members of the Google Chrome team responded as follows and emphasized the attitude that they are not thinking about triggering user confusion .
We are reporting that it intends to threaten the user by warning the HTTP site, but we are not thinking about anything like a warning pops up when the HTTP site appears.
Also, it is a totally different story from putting out an indication of whether the web page is compatible with encryption (in the way we intend).
If you do that, the user just will not use that browser. Please do not misunderstand the details.

What should the site administrator do now?

There is no room to add significance to having more HTTPS sites is good, but it will be because of the "load on the site administrator side" that it does not progress. It seems that there is still a long way to go on Google side and site administrator (market) side for a while.

In addition, for site administrators who are lost in judgment, commentary on "sites that need to be converted to HTTPS in a hurry · not sites" is also released.

I hope that you can proceed with HTTPS of the management site with scheduling which is not impossible as soon as possible referring to these.

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
Powered by Blogger.