Title: More emphasis on integrity? · Issue #80 · GSA/https · GitHub
Open Graph Title: More emphasis on integrity? · Issue #80 · GSA/https
X Title: More emphasis on integrity? · Issue #80 · GSA/https
Description: Standardizing on HTTPS only is great, but I imagine one common reaction by some agencies will be, "we only serve static content, so there are minimal privacy issues." While serving up static content can have some privacy implications (e....
Open Graph Description: Standardizing on HTTPS only is great, but I imagine one common reaction by some agencies will be, "we only serve static content, so there are minimal privacy issues." While serving up static conten...
X Description: Standardizing on HTTPS only is great, but I imagine one common reaction by some agencies will be, "we only serve static content, so there are minimal privacy issues." While serving up sta...
Opengraph URL: https://github.com/GSA/https/issues/80
X: @github
Domain: github.com
{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"More emphasis on integrity?","articleBody":"Standardizing on HTTPS only is great, but I imagine one common reaction by some agencies will be, \"we only serve static content, so there are minimal privacy issues.\" While serving up static content can have some privacy implications (e.g. looking up medical information from the CDC), an under-appreciated benefit of HTTPS is that it ensures the integrity of information in transit. It's conceivable that an adversary would want to tamper with content being served. For example, a potentially hostile country could silently modify published US policy when viewed by their citizens. In a less extreme example, an ISP could inject additional content (such as ads) into a page, causing users to think that agencies added or endorsed that content.\n\nWhile some agencies already use technology to ensure integrity (in particular, GPO's cryptographic signing of PDFs comes to mind), HTTPS transparently and automatically adds another layer of protection.\n","author":{"url":"https://github.com/supersat","@type":"Person","name":"supersat"},"datePublished":"2015-03-18T07:23:05.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":2},"url":"https://github.com/80/https/issues/80"}| route-pattern | /_view_fragments/issues/show/:user_id/:repository/:id/issue_layout(.:format) |
| route-controller | voltron_issues_fragments |
| route-action | issue_layout |
| fetch-nonce | v2:1c0622c3-3acd-90e7-5fb4-b18e338ce917 |
| current-catalog-service-hash | 81bb79d38c15960b92d99bca9288a9108c7a47b18f2423d0f6438c5b7bcd2114 |
| request-id | 98AE:33A48C:143D70E:1AAB9D3:69718BB8 |
| html-safe-nonce | e62525c14ae2af67c0d3f723a544e9d28a00220c79a19c3818896c33d458cd29 |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiI5OEFFOjMzQTQ4QzoxNDNENzBFOjFBQUI5RDM6Njk3MThCQjgiLCJ2aXNpdG9yX2lkIjoiNjQ1NjkyNDk2NDA4MTczMjUzNiIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9 |
| visitor-hmac | 1376b22e42f484347af931fa10b114cad1d4aacca085a3ee8d6fbaedcf49212a |
| hovercard-subject-tag | issue:62611996 |
| github-keyboard-shortcuts | repository,issues,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/_view_fragments/issues/show/GSA/https/80/issue_layout |
| twitter:image | https://opengraph.githubassets.com/cd2fe9378301f6d3ebcf2a1ba34019b4122a19915671ab7d2d994232b18e45e9/GSA/https/issues/80 |
| twitter:card | summary_large_image |
| og:image | https://opengraph.githubassets.com/cd2fe9378301f6d3ebcf2a1ba34019b4122a19915671ab7d2d994232b18e45e9/GSA/https/issues/80 |
| og:image:alt | Standardizing on HTTPS only is great, but I imagine one common reaction by some agencies will be, "we only serve static content, so there are minimal privacy issues." While serving up static conten... |
| og:image:width | 1200 |
| og:image:height | 600 |
| og:site_name | GitHub |
| og:type | object |
| og:author:username | supersat |
| hostname | github.com |
| expected-hostname | github.com |
| None | 2b0f2f00499ad3dd2c21ad030a3c403edca54df20ea256f6517c6d8c4fa3a1a4 |
| turbo-cache-control | no-preview |
| go-import | github.com/GSA/https git https://github.com/GSA/https.git |
| octolytics-dimension-user_id | 643070 |
| octolytics-dimension-user_login | GSA |
| octolytics-dimension-repository_id | 28724827 |
| octolytics-dimension-repository_nwo | GSA/https |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | false |
| octolytics-dimension-repository_network_root_id | 28724827 |
| octolytics-dimension-repository_network_root_nwo | GSA/https |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | false |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | 67235153f3c1514ed5f7dc469f138abc377bd388 |
| ui-target | full |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width