2,438
edits
Changes
no edit summary
|-
| 2016 || {{dts|March 23}} || || || || Google provides a list of certificate authorities it does not trust.<ref>{{cite web|url = https://www.theregister.co.uk/2016/03/23/google_now_publishing_a_list_of_cas_it_doesnt_trust/|title = Google publishes list of Certificate Authorities it doesn't trust. Thawte experiment aims to expose issuers of dodgy creds|last = Chirgwin|first = Richard|date = March 23, 2016|accessdate = November 20, 2017|publisher = ''The Register''}}</ref>
|-
| 2016 || {{dts|April 28}} || Website || WIRED || Default HTTPS-only || ''WIRED'' announces that its website has gone HTTPS-only. The article announcing the transition explains the challenges involved in making sure every digital asset loaded on every page is HTTPS.<ref>{{cite web|url = https://www.wired.com/2016/04/wired-launching-https-security-upgrade/|title = WE'RE GOING HTTPS: HERE'S HOW WIRED IS TACKLING A HUGE SECURITY UPGRADE|last = Tollman|first = Zack|date = April 28, 2016|accessdate = February 11, 2018|publisher = ''WIRED''}}</ref>
|-
| 2016 || {{dts|June 14}} || App store service || Apple || Default HTTPS-only || At the {{w|Apple Worldwide Developers Conference}}, Apple announces that it will require all iOS apps to use HTTPS connections by the end of 2016.<ref>{{cite web|url = https://techcrunch.com/2016/06/14/apple-will-require-https-connections-for-ios-apps-by-the-end-of-2016/|title = Apple will require HTTPS connections for iOS apps by the end of 2016|last = Conger|first = Kate|date June 14, 2016|accessdate = February 11, 2018|publisher = ''TechCrunch''}}</ref>
|-
| 2016 || {{dts|June 15}} || Website || TechCrunch || Default HTTPS-only || Technology new website ''{{w|TechCrunch}}'' announces that it has gone HTTPS-only.<ref>{{Cite web|url = https://techcrunch.com/2016/06/15/techcrunch-has-gone-https/|title = TechCrunch has gone HTTPS|last = Wilke|first = Nicole|date = June 15, 2016|accessdate = November 19, 2017}}</ref>
| 2017 || {{dts|January}} || Browser || Chrome || Security warning || With version 56, {{w|Google Chrome}} begins marking as "Not Secure" (in the address bar) any webpages collecting sensitive data such as passwords or credit-card information without using HTTPS.<ref name=not-secure-october-plans>{{cite web|url = https://www.searchenginejournal.com/google-is-requiring-https-for-secure-data-in-chrome/183756/|title = Google Is Requiring HTTPS for Secure Data in Chrome|last = Murray|first = Brock|date = January 21, 2017|accessdate = November 19, 2017}}</ref><ref name=zdnet-noose>{{cite web|url = http://www.zdnet.com/article/google-tightens-noose-on-http-chrome-to-stick-not-secure-on-pages-with-search-fields/|title = Google tightens noose on HTTP: Chrome to stick 'Not secure' on pages with search fields. In October, Google will begin phase two of its plan to label all HTTP pages as non-secure.|last = Tung|first = Liam|date = April 28, 2017|accessdate = November 15, 2017|publisher = ZDNet}}</ref>
|-
| 2017 || {{dts|January 4}} || Website || National Public Radio || Default HTTPS-only || {{w|National Public Radio}} announces that it has transitioned most of its webpages and streaming content to HTTPS, and is making sure that any new content is served through HTTPS.<ref>{{cite web|url = http://digitalservices.npr.org/post/update-https-transition-streams-and-podcasts|title = Update to the HTTPS Transition for Streams and Podcasts|last = Faughan|first = Kate|date = January 4, 2017|accessdate = February 11, 2018|publisher = National Public Radio}}</ref>
|=
| 2017 || {{dts|March 30}} || Website || Pornhub || Default HTTPS-only || {{w|Pornhub}}, the world's largest pornographic video site, switches to HTTPS-only. Sister service YouPorn is scheduled to go HTTPS-only on April 4.<ref>{{cite web|url = https://www.wired.com/2017/03/pornhub-https-encryption/|title = THE WORLD'S BIGGEST PORN SITE GOES ALL-IN ON ENCRYPTION|last = Barrett|first = Brian|date = March 30, 2017|accessdate = November 9, 2017|publisher = ''Wired''}}</ref><ref>{{cite web|url = https://www.theverge.com/2017/3/30/15125048/pornhub-youporn-https-encryption-privacy|title = Pornhub now turns on encryption by default|last = Garun|first = Natt|date = March 30, 2017|accessdate = November 19, 2017|publisher = ''The Verge''}}</ref>
|-
| 2017 || {{dts|May 22}} || Website || Stack Overflow || Default HTTPS-only || {{w|Stack Overflow}} announces that it has migrated to HTTPS, after four years of work on the migration. All other Stack Exchange websites are also moved over to HTTPS.<ref>{{cite web|url = https://nickcraver.com/blog/2017/05/22/https-on-stack-overflow/|title = HTTPS on Stack Overflow: The End of a Long Road|date = May 22, 2017|accessdate = November 19, 2017|last = Craver|first = Nick}}</ref><ref>{{cite web|url = https://stackoverflow.blog/2017/05/22/stack-overflow-flipped-switch-https/|title = How Stack Overflow Flipped the Switch on HTTPS|last = Taylor|first = Anita|date = May 22, 2017|accessdate = November 19, 2017|publisher = Stack Overflow}}</ref>
|-
| 2017 || May through {{dts|August 16}} || Website || Springer-Verlag || Default HTTPS-only || Publisher Springer transitions its websites to HTTPS, with HTTP redirecting to HTTPS.<ref>{{cite web|url = https://knowledge.exlibrisgroup.com/360_Services/360_Link/Knowledge_Articles/360_Link%3A_Springer_Transition_to_https_--_effective_August_16%2C_2017|title = 360 Link: Springer Transition to https -- effective August 16, 2017|date = August 7, 2017|accessdate = February 11, 2017|publisher = ExLibris Knowledge Center}}</ref><ref>{{cite web|url = https://springeronlineservice.freshdesk.com/support/solutions/articles/6000165911-switching-to-https|title = Switching to HTTPS|publisher = Springer Online Service on Freshdesk|date = September 6, 2017|accessdate = February 11, 2018}}</ref>
|-
| 2017 || {{dts|September 13}} || Website || Imgur || Default HTTPS-only || Image-hosting service {{w|Imgur}} defaults to HTTPS-only for all users (both logged-in and others).<ref>{{cite web|url = https://community.imgur.com/t/defaulting-to-https-01-xx-2015-request-fulfilled-as-of-09-13-2017/5146/59|title = Defaulting to https (01-XX-2015) - Request fulfilled as of 09-13-2017!|date = January 29, 2015|accessdate = November 20, 2017}}</ref>
|-
| 2018 || {{dts|February 27}} || Certificate authority || Let's Encrypt || Wildcard support || Let's Encrypt plans to make wildcard support fully available on this date, after launching a public test API endpoint for the ACME v2 protocol and wildcard support on January 4, 2018.<ref>{{cite web|url = https://letsencrypt.org/2017/07/06/wildcard-certificates-coming-jan-2018.html|title = Wildcard Certificates Coming January 2018|last = Aas|first = Josh|date = July 6, 2017|accessdate = January 28, 2018|publisher = Let's Encrypt}}</ref>
|-
| 2018 || {{dts|July}} (planned date), February 8 (announcement) || Browser || Chrome || Security warning || Google Chrome announces that starting with Chrome 68, which will be released in July, all plain HTTP sites will be marked as not secure.<ref>{{cite web|url = https://security.googleblog.com/2018/02/a-secure-web-is-here-to-stay.html|title = A secure web is here to stay|date = February 8, 2018|accessdate = February 11, 2018|publisher = Google Security Blog|last = Schechter|first = Emily}}</ref><ref>{{cite web|url = https://techcrunch.com/2018/02/08/chrome-will-soon-mark-all-unencrypted-pages-as-not-secure/|title = Chrome will soon mark all unencrypted pages as ‘not secure’|last = Lardinois|first = Frederic|date = February 8, 2018|accessdate = February 11, 2018|publisher = ''TechCrunch''}}</ref><ref>{{cite web|url = https://arstechnica.com/gadgets/2018/02/from-july-on-chrome-will-brand-plain-old-http-as-not-secure/|title = From July on, Chrome will brand plain old HTTP as “Not secure”. The "Not secure" label will go where the padlock would go for an encrypted connection.|last = Bright|first = Peter|date = February 9, 2018|accessdate = February 11, 2018|publisher = ''ArsTechnica''}}</ref>
|}
