Global
Africa
South Africa
Albania
Australia
Austria
Belgium
Bosnia Herzegovina
Bulgaria
Canada
Canada FR
Croatia
Czech Republic
Denmark
Estonia
Finland 
Finland (English)
France
Germany
Hong Kong
Hungary
Iceland
India
Indonesia
Ireland
Israel
Italy
Kosovo
Latvia
Lithuania
Malaysia
Middle East
Montenegro
Netherlands
New Zealand
North Macedonia
Norway
Philippines
Poland
Portugal
Romania
Saudi Arabia
Serbia
Singapore
Slovakia
Slovenija
Spain
Sweden
Switzerland DE
Switzerland FR
Thailand
Turkey
USA
Ukraine
United Kingdom
Vietnam
Chrome 68 – or how TLS (previously SSL) is rapidly becoming the new TCP
Version 68 of the Google Chrome browser, announced for the beginning of July 2018, will introduce a new treatment of websites that do not use TLS (or its predecessor, SSL): it will mark them as “NOT SECURE”.
The whole story has been following a familiar path for years, and it is not just Google that pushes the “TLS-isation” of the web, just take a look at our article here.
As Chrome is one of the most widely used browsers in the world whose practices are closely followed by others (Mozilla, Microsoft, Apple, etc.), it is clear that this seemingly technical change carries significant widespread implications.
Implications for owners of any web content (from news portals to web services):
- Urgent adoption of TLS-only access (HTTP is legacy technology!) in order to retain SEO features and at least the same level of content popularity;
- Consequent consideration of “performance impact” and increased resource requirements in comparison with clear-text HTTP traffic that TLS will inevitably bring about;
- Review of server certificate management mechanisms (Entrust Solutions) and optimization of their costs, all the while ensuring the “A rating” (also connected with SEO and trust in service), for example, take a look at https://www.ssllabs.com/ssltest/
Implications for network content security, that is, IT operations within organizations:
- TLS is great for privacy, but TLS interface causes a lesser visibility of content in antivirus and other network-level analyses. Under conditions when >90% of internet gateway traffic becomes TLS encrypted, URL, web reputation and antivirus content filtering will without implementing adequate tools become blind and useless.
- Careful consideration of impact on performance once TLS becomes the new internet gateway TCP where network equipment that provides some type of TLS security treatment is already implemented. Will such trends hinder existing security equipment and reduce its effectiveness?
P.S. Google intends to continue perfecting user experience on HTTP vs. HTTPS websites – take a look at Chromium Blog for more details.
