Google wants to mark http as insecure in all browsers

Google’s Chrome Security Team wants all internet browsers to show a warning when someone visits a site via the ‘unsafe’ http. In this way, the internet giant wants to create awareness among users worldwide.

For the time being, this is a proposal and everyone should still be able to have their say about it, the team believes. Nevertheless, the Chrome Security Team believes that displaying a warning when an unsecured connection improves the safety of internet users, because they can then make an informed decision to continue via http.

Google’s security team believes there are three levels of site security that browsers can distinguish. The first level includes sites that are offered entirely via https. The second is “dubious” because a valid SSL certificate contains tls errors, for example. Finally, there is the insecure level, where a site is served entirely via http or there is an invalid certificate.

By displaying the three levels in a browser, possibly by a certain color in the navigation bar, users can be better informed about security. “The only situation where web browsers are now guaranteed not to warn users is exactly when they have no chance of security, which is when the site is served over http,” the Chrome Security Team said.

Google’s team says it plans to roll out such functionality in its browser, Chrome, by next year. In addition, the team encourages other browser builders to think along and eventually come up with a similar solution.