The development vision of https encryption protocol from the attitude of Google and Mozilla2016-02-16
As the magnates in browser industry, Google and Mozilla will draw extensive attention after every important update. Invariably, two announcements of them have made the public fixate upon https encryption protocol again.
What kind of announcement
Mozilla announced that its browser would prompt warnings when users submit passwords on a non-https cryptographic web page. Ever since the developer edition 46 of Firefox, the browser would prompt a red stop icon to indicate privacy and security risks when one uses password entry on a non-https cryptographic web page. From Firefox 26, this problem would also be prompted to developers through developer tool, web controller, built in Firefox browser.
Google promoted the status of https website in Usenix Enigma security conference, planning to tag insecure to websites that use non-https encryption protocol (http websites). Google said that future internet should be secured and encrypted and all http websites should be tagged insecure. They would put this into practice.
Inexorable trend of internet security
Nowadays, the importance of internet security is gradually standing out. The deployments of https websites are doubled. Being pushed by internet magnates, it is the unavoidable change of the internet environment. This environment attaches huge importance to user experience and information security. Security hazard events like data leakage will damage the impression of products on customers, especially in e-commerce field or for financial products. We cannot imagine the drastic response if Alipay is exposed with data leakage.
Secure Socket Layer (SSL) is the most fundamental security standard of internet security worldwide. Webpage deployed with SSL certificate to realize https encryption can allow the real information receiver to read about related info as well as to prevent confidential info and important data from leaking though the internet. In domestic, Baidu, Taobao and many other rising internet financial institutions have completed the construction of full-site https in succession.
The series of actions of Google and Mozilla in these years showed the determination of these two browser companies to promote the construction of internet security. However, this is not an effective way to only depend on external promotion while internet security concerns the vital interests of companies and users. Companies' self-awakening of security awareness is more important in the long run.