HTTP 2.0 Could Be HTTPS Only

By | November 13, 2013 | 6 Comments

HTTP 2.0 Might Be HTTPS OnlyFocuses on the use of encryption on the Web.

With never ending news about spying, Internet freedom and such, Mark Nottingham, the web infrastructure developer and the chairman of W3C group, has listed a couple of proposals that relate to the HTTP 2.0 protocol.

Most importantly, if everything goes as planned, HTTP 2.0 will only be used with https:// URIs, thus enhancing the overall security. Not only that but it looks like the web browser makers are the ones pushing for more use of encryption and support the idea, which is a good sign.

While decision isn’t final, there seems to be a general consensus that this is indeed a way to go, with Mark stating that “As HTTP/2 is deployed, we will evaluate adoption of the protocol and might revisit this decision if we identify ways to further improve security.”


About (Author Profile)


Vygantas is a former web designer whose projects are used by companies such as AMD, NVIDIA and departed Westood Studios. Being passionate about software, Vygantas began his journalism career back in 2007 when he founded FavBrowser.com. Having said that, he is also an adrenaline junkie who enjoys good books, fitness activities and Forex trading.

  • jacksonsquire

    I believe the big question here with HTTPS only is what to do about the ridiculous rates required for wildcard trusted certificates. If HTTPS is required something must be done about that first otherwise adoption of HTTP 2 will be just the big guys.

    • http://bseddon.myopenid.com/ bseddon

      This was my first thought when I read this. So now I’m off to read about the people involved in the proposed standard and look at their affiliations. Thwate, Network Solution, GeoTrust maybe?

  • http://www.gahe.co/ Gahe

    I definitely bookmark this page and share it with your friends, hopefully will be useful to them.

  • Marcos

    Awesome news! :)

  • ciddan

    HTTPS is nice and all, but the bigger issue is the type of encryption used for transport. Browser and server side support for perfect-forward-secrecy encryption algorithms such as ephemeral Diffie-Hellman is almost more important.