HTTPS
HTTPS gives your users a safe and secure connection to your website. It is recognisable by the padlock in your web browser. This is a fundamental security standard which ensures that your user’s connection cannot be tapped or manipulated.
Why?
- Does my site need HTTPS?
- "Why HTTPS for Everything?" by CIO.gov
- "Still think you don't need HTTPS?"by Scott Helme
Adoption statistics
Further information
- Factsheet "HTTPS could be a lot more secure" from NCSC-NL
- "ICT securitity guidelines for TLS v2.0" from NCSC-NL
- Mozilla SSL Configuration Generator
- Bettercrypto.org
- How HTTPS works
Specifications
- RFC 2818: HTTP Over TLS
- RFC 8446: The Transport Layer Security (TLS) Protocol Version 1.3
- RFC 5246: The Transport Layer Security (TLS) Protocol, Version 1.2
- RFC 6797: HTTP Strict Transport Security (HSTS)
- RFC 6698: The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA"