UK Government Websites To Be Secured By HTTPS, HSTS, DMARC By October 2016

Status
Not open for further replies.

Haravikk

Distinguished
Sep 14, 2013
317
0
18,790
Ah the slow speed of technology in government. It's good to see them finally moving forward with this; I assume they're doing more than just adding DMARC though, as this also requires SPF and DKIM.

It also really needs to come with strict requirements for algorithms, as many that are usable in HTTPS are no longer recommended, so HTTPS alone is not enough if you have weak encryption schemes enabled. I'd like to see them keep up to date with developments on these issues.
 
Interesting. The UK govt, on the one hand, insists affiliated agencies take common sense precautions and more when it comes to security for their own sites, all the while encouraging common citizens not to routinely change their passwords (citing the inconvenience it poses), and mulls over removing encryption for them as well. Brilliant!
 
Status
Not open for further replies.