Mozilla Takes Web Browsing Security to a New Level
Mozilla just released version 36 of its popular web browser Firefox. This new release introduces an important change. Some weak security certificates are no longer trusted by the browser. Why is this of interest? Well it’ll change web browsing for over 20% of web users. That’s one in five!
What type of certificates are no longer trusted? SSL certificates (all Root CA, intermediate, server and code-signing certificates) using an RSA key of less than 2048-bit. The impact on end users is a security warning notification for any site with the previously described encrypt. That is if you’re using Firefox as a browser of course.
Who cares about a mere security notification, right? Well, almost everyone. Because it’s annoying.
For the average user, this adds a bit of unease to the site they’re visiting. Good news is that this will probably push most website administrators to update their security certificates. A dip in traffic because of these security warnings isn’t exactly something they’d be thrilled about. There’s no denying that upgrading the certificates will be time consuming and there are many websites out there that are affected by this situation.
Thus comes this one question on every website owners’ mind…
Why is Mozilla doing this?
With this move, Mozilla makes a clear statement. Website admins should try and stay up-to-date with current standards and security threats. By still using old standards, these websites are potentially putting their users at risk.
Mozilla hopes that creating this friction with user experience will convince admins to update their certificates. Yes, this move might come as a surprise to most, but Mozilla has not done this out of the blue. We’ve known its plan to phase out 1024-bit encryption for a while now. The comprehensive roadmap of this change has been on its website since last September. I encourage you to read this post as it provides an in-depth overview of what this change means and how it is rolled out.
Keep in mind that Firefox auto updates itself whenever it notices a new version is available. Therefore, most Firefox users are already using v36 without necessarily being aware of it. Site admins should already be planning the updates of their security certificates.
As for users, if you see the above warning on any websites that have HTTPS at the beginning of their URL, there is a good chance you are visiting a site with 1024 bit encryption. Although this might be annoying until most sites conform to this new feature, remember that Mozilla is trying to improve your online experience. It wants to guarantee safe online presence for you.
Indeed, this is a bold move from Mozilla. But it shouldn’t be frowned upon, on the contrary! It should be praised as it sets new standards in web browsing security. Now only time will tell us, will other web browsers join Mozilla in its quest of safer web browsing?
The post Mozilla Takes Web Browsing Security to a New Level appeared first on SherWeb.