Encryption coming to federal websites

Encryption is coming to a federal website near you.

The White House is pushing for all federal agencies to encrypt their websites using the HTTPS protocol, which offers a greater level of security than the traditional HTTP version.

{mosads}“Unencrypted HTTP connections create a privacy vulnerability and expose potentially sensitive information,” states a website launched Tuesday to promote the effort.

“Data sent over HTTP is susceptible to interception, manipulation, and impersonation. This data can include browser identity, website content, search terms, and other user-submitted information.”

The new encryption push comes just a week after the White House switched to HTTPS for its own website. Some prominent government pages — CIA.gov, FTC.gov and HealthCare.gov — already use a secure connection, though hundreds more do not.

Under the HTTPS framework, communications between a website and a visiting Web user are only visible to those two parties. Privacy advocates strongly support the switch to stronger encryption.

The government is asking for feedback on its proposal by March 31. Once the policy is finalized, agencies would have two years to adopt the HTTPS standard, a move that will come with some cost and complication.