Secure website connection (HTTPS)
Why
- Does my site need HTTPS?
- "Why HTTPS for Everything?" by CIO.gov
- "Still think you don't need HTTPS?" by Scott Helme
Usage statistics
- .nl statistics on HTTPS by SIDN Labs
- "Percentage of Web Pages Loaded by Firefox Using HTTPS"
- "HTTPS Usage" by Google
- Pulse - TLS1.3 metric by Internet Society
Background information
- 'Transport Layer Security (TLS), Security guidelines version 2025-05' by NCSC-NL
- 'ICT security guidelines for web applications' by NCSC-NL (in Dutch)
- Mozilla SSL Configuration Generator
- Bettercrypto.org
- How HTTPS works
Specifications
HTTPS
- RFC 9325: Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)
- RFC 8996: Deprecating TLS 1.0 and TLS 1.1
- RFC 8446: The Transport Layer Security (TLS) Protocol Version 1.3
- RFC 5246: The Transport Layer Security (TLS) Protocol, Version 1.2
- RFC 6797: HTTP Strict Transport Security (HSTS)
CAA
- RFC8659: DNS Certification Authority Authorization (CAA) Resource Record
- RFC8657: Certification Authority Authorization (CAA) Record Extensions for Account URI and Automatic Certificate Management Environment (ACME) Method Binding
- Baseline Requirements by Certification Authority Browser Forum
- Certification Authority Restriction Properties by IANA