The Office of Management and Budget is seeking public and private sector comments on its plan to transition federal websites to the secure hypertext transfer protocol for computer network communication, Federal News Radio reported Tuesday.
Jason Miller writes the OMB’s draft proposal would require existing and new federal agency web services to adopt the HTTPS standard based on certain criteria within two years.
OMB wants the migration to HTTPS to help double the security layer for web services that use the DNS-Sec standard, Miller reports.
“HTTPS verifies the identity of a website or web service for a connecting client, and encrypts nearly all information sent between the website or service and the user,” the office said.
OMB also wants to prioritize HTTPS deployment based on risk analysis results and the involvement of personally identifiable information in websites, according to the report.
The agency says HTTPS is designed to protect information such as cookies, user agent details, URL paths, form submissions and query string parameters from eavesdroppers, the report says.
Responders to the draft need to submit details about site performance, server name indication extension and costs associated with development and maintenance of a website, the station reports.