Engineers working on Google Chrome are proposing a warning system for web users about to visit a non-HTTPS website in order to improve web security.
The proposal is suggested on a Chrome engineering page and is being discussed by groups at Mozilla and the World Wide Web Consortium.
The engineers argue that, while the system may present challenges in that people often dismiss pop-up security alerts, the adoption of HTTPS should be embraced by the internet community.
"We, the Chrome Security Team, propose that user agents gradually change their UX to display non-secure origins as affirmatively non-secure. We intend to devise and begin deploying a transition plan for Chrome in 2015," they said.
"The goal of this proposal is to more clearly display to users that HTTP provides no data security."
The current system puts users at a disadvantage, according to the post, because no security information usually suggests no security. This must change as web users face a range of information attacks.
"We know that active tampering and surveillance attacks, as well as passive surveillance attacks, are not theoretical but are in fact commonplace on the web," they add.
"We know that people do not generally perceive the absence of a warning sign. Yet the only situation in which web browsers are guaranteed not to warn users is precisely when there is no chance of security: when the origin is transported via HTTP."
Geoengineering on the sea floor near glaciers would form a new ice shelf to prevent melting
Alterations in capillary blood flow can be caused by body position change
Curiosity rover is in 'normal mode' but not transmitting scientific data back to base
NatWest outage comes a day after Barclays' IT systems shut out customers and staff