‹ Back
Deploy360 23 April 2014

Wired: It's Time To Encrypt The Entire Internet

Dan York
By Dan YorkDirector of Web Strategy

Wired MagazineIs it time to “dump the plain text Internet” and encrypt everything everywhere? That’s the main thrust of an article by Klint Finley in Wired last week: “It’s Time to Encrypt the Entire Internet“. As he writes:

The Heartbleed bug crushed our faith in the secure web, but a world without the encryption software that Heartbleed exploited would be even worse. In fact, it’s time for the web to take a good hard look at a new idea: encryption everywhere.

Most major websites use either the SSL or TLS protocol to protect your password or credit card information as it travels between your browser and their servers. Whenever you see that a site is using HTTPS, as opposed to HTTP, you know that SSL/TLS is being used. But only a few sites — like Facebook and Gmail — actually use HTTPS to protect all of their traffic as opposed to just passwords and payment details.

He goes on to discuss viewpoints from Google’s Matt Cutts and and a number of other security professionals. As he notes at the end, there are costs, both in terms of financial costs for TLS/SSL certificates and also in terms of performance, but the greater security benefits are ones that we all need.

We definitely agree with the need to encrypt connections across the Internet. That’s why we’ve opened up the “TLS For Applications” area here on Deploy360 and why we are seeking to find or write a number of documents to help developers more quickly integrate TLS into their apps.

What do you think? Should connections across the Internet be encrypted?

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

What Can App Developers Learn From Heartbleed?
Deploy36011 April 2014

What Can App Developers Learn From Heartbleed?

What lessons can application developers take from the Heartbleed bug?  How can we use this experience to make the Internet...

Introducing A New Deploy360 Topic: TLS for Applications
Deploy36028 February 2014

Introducing A New Deploy360 Topic: TLS for Applications

How can we help make it easier for developers to learn how to add TLS (SSL) support to their applications?...

TLS-O-MATIC Now Available To Test TLS In Applications
Deploy36012 March 2015

TLS-O-MATIC Now Available To Test TLS In Applications

Do you want to test how well your application supports TLS over HTTP?  If so, you can now head over...

Join the conversation with Internet Society members around the world