This repository has been archived by the owner on Jan 29, 2024. It is now read-only.
Don't glorify HTTPS #89
Comments
|
For reference, the latest USWDS still contains |
|
It's definitely true that there's nothing inherent to HTTPS that makes a particular site trustworthy. However, when a website that uses HTTPS also uses a .gov domain, the public can have reasonably strong expectations that the site is actually affiliated with a US-based government org and that the content received is what that org intended to publish. @ryanwoldatwork is right that the USWDS banner still include HTTPS copy; see that PR for some more background. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
"The https:// ensures that you are connecting to the official website"
is one of the sentences in the section on how to know a site is an official one, teaching people that https means a safe site is a bad practice (google and mozilla realized this a long while ago, no more green icons) getting an TLS cert for a domain that looks similar to a real one is too easy and might trick consumers into trusting something they shouldn't.
The text was updated successfully, but these errors were encountered: