HTTPS as a Standard
Written by Ben Friedman, July 8th, 2016
As the web continues to grow it's become fairly apparent that more and more of our personal lives become public. So much so that it's become an issue whether or not you should even supply your email to some sites. Let alone sign up. Nowadays if someone is running a login based site, or any other authentication measure, it is strongly encouraged that they encorporate HTTPS.
So what is HTTPS anyhow? For some, it has become a standard. For others it's simply a matter of whether or not you see a padlock next to the name of the site you're visiting. In either case most people are familiar with it in one context another. HTTPS, or HTTP over TLS, is a protocol to securely communicate over a computer network. It's what allows you to view your cat photos, without someone else viewing them as well.
Now beyond pictures HTTPS comes into full use when you're transmitting sensitive information. Anything from birth dates, passwords, social security numbers and credit cards. We trust that this information is handled securely. It's up to HTTPS, and the operators of sites secured using this protocol, to ensure that this trust is upheld. It's becoming more of a standard to implement HTTPS, even in scenarios where no information is explicitly supplied by a user.
Even with this widespread acceptance there are still many sites that remain unprotected, and still others are not quite up to snuff even though they are using HTTPS. Again, this is something that is up to the owners and operators of today's world wide web to ensure and protect. Thankfully obtaining an TLS/SSL certificate (used in the means of establishing an HTTPS connection) has become something akin to shopping for groceries. It doesn't take too long, nor is it too complex.
The only limitation that remains for most is related to the price, which can be quite steep for some, sometimes even amounting to over a thousand a year. It is in regards to this issue that the web has provided an additional solution, Lets Encrypt, and it's free! Well, relatively free. It requires a bit of know how and the time to set it up, however the process to aquire certificates required to establish a secure connection via HTTPS can be setup in 5 minutes or less. Once set it up a user may even configure automatic renewal, reducing the time to near nothing, truly freeing their hands from periodic maintenance. Although in reality a prudent owner or operator will check on things frequently to ensure all is well.
Now although I could dive into the intricacies of why this is near essential in modern day communication. I will leave the choice up to you. Hopefully, if you own a site, you have already decided and are proudly protecting the privacy of your visitors! If you haven't yet, it's never too late to start serving your own site in a secure fashion, and it's quite easy as well!
Questions? Corrections? Concerns? Contact us at firstname.lastname@example.org