Changes

Jump to: navigation, search

Timeline of HTTPS adoption

1,174 bytes added, 08:11, 1 December 2019
no edit summary
This timeline describes gives a history of HTTPS usage and adoption, describing the gradual increase in websites and clients using HTTPS.HTTPS is a secure, encrypted version of HTTP and has been implemented using Sockets Layer (SSL) and Transport Layer Security (TLS). The timeline spans the period from 1994, when HTTPS and SSL were first introduced on {{w|Netscape Navigator}}, to 2019, by which time HTTPS is uniquitous and accounts for more traffic than plain, unencrypted HTTP. == Sample questions == * What were the major protocols related to HTTPS and when were they defined? (Sort the Full timeline by "Entity type" and look for the group of rows for which this says "Standard")* When did various leading news sites migrate to HTTPS, and what challenges did they face while migrating? (Sort the Full timeline by "Entity type" and look for the group of rows for which this says" Website"; scan the "Entity name" column to find the news websites or other sites of interest to you; then read the "Details" column and look at the cited reference)* How can we get quantitative data on how many sites and how much traffic uses HTTPS? (Sort the Full timeline by "Entity type" and look for the rows for which this says "Report" or "Report/Observator")
== Big picture ==
| 2011 || {{dts|January}} || Website || Facebook || Opt-in HTTPS-only || {{w|Facebook}} begins allowing logged-in users to opt in to have all their Facebook browsing encrypted by HTTPS.<ref name=facebook-https-default>{{cite web|url = https://techcrunch.com/2012/11/18/facebook-https/|title = Facebook Could Slow Down A Tiny Bit As It Starts Switching All Users To Secure HTTPS Connections|last = Constine|first = Josh|date = November 18, 2012|accessdate = November 19, 2017|publisher = ''TechCrunch''}}</ref>
|-
| 2011 || {{dts|January}} || Standard || OCSP stapling || Protocol || RFC 6066, introducing OCSP stapling, is published.<ref>{{cite web|url = https://tools.ietf.org/html/rfc6066|title = Transport Layer Security (TLS) Extensions: Extension Definitions|date = January 1, 2011|accessdate = November 19, 2017}}</ref> OCSP stapling is an alternative approach to the {{W|Online Certificate Status Protocol}} that allows the presenter of a certificate to bear the resource cost involved in providing OCSP responses by appending ("stapling") a time-stamped OCSP response signed by the CA to the initial TLS handshake, eliminating the need for clients to contact the certificate authority. RFC 6961 would cover the case of multiple OCSP stapling.<ref>{{cite web|url = https://tools.ietf.org/html/rfc6961|title = The Transport Layer Security (TLS) Multiple Certificate Status Request Extension|date = June 1, 2013|accessdate = November 19, 2017}}</ref>
|-
| 2011 || {{dts|March 15}} || Website || Twitter || Opt-in HTTPS-only || {{w|Twitter}} begins allowing logged-in users to opt in to have all their Twitter browsing encrypted by HTTPS.<ref name=twitter-https-optin>{{cite web|url = https://blog.twitter.com/official/en_us/a/2011/making-twitter-more-secure-https.html|title = Making Twitter more secure: HTTPS|date = March 15, 2011|accessdate = November 19, 2017|publisher = Twitter}}</ref>
2,422
edits

Navigation menu