All publicly accessible Federal websites and web services will soon be required to provide all services through secure HTTPS connections, after the White House Office of Management and Budget (OMB) Monday issued an HTTPS-Only Standard directive.
The standard aims to protect the data of visitors to federal websites by creating a stronger government-wide privacy standard and ensuring that connections don't expose potentially sensitive information. “HTTPS verifies the identity of a website or web service for a connecting client, and encrypts nearly all information sent between” them and the user, a memorandum from Federal Chief Information Officer Tony Scott explained.
OMB first proposed the standard in March, then courted public feedback, which it has since amended the standard to reflect. The mandate will go into effect starting Dec. 31.