[Chapter-delegates] Global Encryption Day: Advocacy Toolkit Is Here!

Hank Nussbacher hank at isoc.org.il
Wed Sep 29 01:37:09 PDT 2021 

On 27/09/2021 20:39, Jeff Wilbur via Chapter-delegates wrote:
> Global Encryption Day: Advocacy Toolkit Now Available  (Sep 23, 2021)
>
> Regarding your reference to other uses of encryption (e.g, TLS, 
> DoH/DoT), you make great points, and we can use these for ongoing 
> education and calls to action for users to make wise choices regarding 
> encryption. Thanks again for your feedback - together we can all help 
> build a more secure and trustworthy Internet for everyone!
>
> Regards,
>
> Jeff Wilbur
>
> Senior Director, Online Trust
>
> Internet Society
>
Hi Jeff,

I guess I am too much of a nut and bolts geek.  So to all those 
delegates on the list.....

How to improve end to end encryption in your country?

Today, between 75% 
(https://w3techs.com/technologies/details/ce-httpsdefault) and 82% 
(https://letsencrypt.org/stats/#percent-pageloads) of all web sites 
worldwide use https which is the encrypted protocol for http.  How can 
we help increase that number?

Welcome to the site: https://whynohttps.com/ which documents those sites 
that don’t automatically redirect http requests to an https server.  Not 
all data listed is 100% accurate but most of it is. Underneath the 
initial list is data per country.  Just click on the flag icon to see 
http sites for your country.  Here is where you come in.  If you 
recognize a site – drop them an email and ask them why they don’t use 
encrypted http also known as https?

The next stage is to improve the encryption used by https sites. The 
protocol known as SSL (Secure Sockets Layer – now known as TLS - 
Transport Layer Security) has undergone dozens of changes over the past 
25 years.  But there is a site that can analyze any site and to 
determine whether it complies with all the latest encryption protocols: 
https://www.ssllabs.com/ssltest

Just type in your site and click “Submit”.  Anything less than an “A” 
rating means the encryption used is not perfect.  For example, numerous 
sites still support TLS 1.0 even though it was deprecated as not being 
secure 
(https://www.venafi.com/blog/why-its-dangerous-use-outdated-tls-security-protocols). 
Once you identify a site with less than an “A” rating, contact them and 
inform them that their encryption needs to be improved.
There you have it: two easy steps that everyone can do to help create a 
more secure Internet.


Regards,
Hank Nussbacher
ISOC-IL

More information about the Chapter-delegates mailing list