In this day and age, there are millions of Internet users benefiting from improved security on the web. Still, some fall prey to non-secure websites. As such Mozilla has initiated an action of phasing out non-secure HTTP from its browser.
Mozilla to phase out Non-Secure HTTP
Mozilla, today made an announcement that it is depreciating non-secure HTTP especially features of the non-secure websites that pose risks to users’ security and privacy. The browser-maker is in a way committing itself to focus on new developments on the web.
There are two broad elements of this plan:
- Setting a date after which all new features will be available only to secure websites
- Gradually phasing out access to browser features for non-secure websites.
“Since the goal of this effort is to send a message to the web developer community that they need to be secure, our work here will be most effective if coordinated across the web community,” wrote, Firefox security lead Richard Barnes in a blog.
Taking note of the statements from IETF, IAB, W3C, and the U.S. Government calling for universal use of encryption, Mozilla made this decision. While the early announcement hints of depreciating non-secure HTTP, it does not mean the complete removal of HTTP support from Firefox now.
It is a probably the first step in right direction. Mozilla is aware of the fact that it needs to give to webmasters and companies enough time for making the necessary changes to their web properties before features are removed for HTTP sites.
There are sites that might not upgraded to HTTPS since, even if certificates are available for free, it still requires time and the necessary infrastructure to execute plan of this scale. Moreover, it is quite a technical process that usually requires some troubleshooting on the site itself to get it right.
Google is already considering HTTPS as a ranking signal for its search results. Mozilla becomes the second company to take a step towards promoting HTTPS.