You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jan 29, 2024. It is now read-only.
"The https:// ensures that you are connecting to the official website"
is one of the sentences in the section on how to know a site is an official one, teaching people that https means a safe site is a bad practice (google and mozilla realized this a long while ago, no more green icons) getting an TLS cert for a domain that looks similar to a real one is too easy and might trick consumers into trusting something they shouldn't.
The text was updated successfully, but these errors were encountered:
It's definitely true that there's nothing inherent to HTTPS that makes a particular site trustworthy. However, when a website that uses HTTPS also uses a .gov domain, the public can have reasonably strong expectations that the site is actually affiliated with a US-based government org and that the content received is what that org intended to publish.
@ryanwoldatwork is right that the USWDS banner still include HTTPS copy; see that PR for some more background.
"The https:// ensures that you are connecting to the official website"
is one of the sentences in the section on how to know a site is an official one, teaching people that https means a safe site is a bad practice (google and mozilla realized this a long while ago, no more green icons) getting an TLS cert for a domain that looks similar to a real one is too easy and might trick consumers into trusting something they shouldn't.
The text was updated successfully, but these errors were encountered: