Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Mozilla

Submission + - Firefox 4 to Force HTTPS Connections (threatpost.com)

Trailrunner7 writes: In an effort to help mitigate man-in-the-middle attacks that make normal HTTP connections look like secured HTTPS sessions, Mozilla is adding support in Firefox 4 for a new technology called HTTP Strict Transport Security that enables site operators to tell browsers to always request an HTTPS session on future visits.

The technology, which is also known as ForceTLS, is currently an IETF draft specification and Mozilla officials say it should give users more confidence in HTTPS connections over time. Right now, the existence of HTTPS in front of a URL in a browser's address bar is nothing close to a guarantee that the connection is actually a secure one. There are myriad man-in-the-middle attack scenarios that introduce a high level of uncertainty for SSL connections.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Firefox 4 to Force HTTPS Connections

Comments Filter:

The test of intelligent tinkering is to save all the parts. -- Aldo Leopold

Working...