René's URL Explorer Experiment

Title: Finalizing the HTTPS-Only Standard as formal policy by konklone · Pull Request #108 · GSA/https · GitHub

Open Graph Title: Finalizing the HTTPS-Only Standard as formal policy by konklone · Pull Request #108 · GSA/https

X Title: Finalizing the HTTPS-Only Standard as formal policy by konklone · Pull Request #108 · GSA/https

Description: The proposed HTTPS-Only Standard has now been finalized as the White House Office of Management and Budget memorandum M-15-13, "Policy to Require Secure Connections across Federal Websites and Web Services". This pull request contains some changes between the original proposal, and the finalized version, detailed below. Thanks to everyone who participated in the public comment period! The public comment period elicited a number of highly detailed and helpful submissions, and the resulting policy is better for this feedback. For more details, the White House, 18F, and the CIO Council each have some accompanying blog posts about the release of the policy: White House: HTTPS-Everywhere for Government 18F: The U.S. Government is Moving to HTTPS Everywhere CIO Council: HTTPS-Everywhere for Government (different than the WH post) Below are some details on the changes we've made since the original proposal. I've mapped some to commits, but some are lumped in to others. 725b141 - Emphasize that high-priority websites should begin the HTTPS migration process immediately, and set a specific deadline of December 31, 2016. 7f0836c - Elaborate on planning for change, mention cipher/protocol choices and forward secrecy explicitly. 6cb9a30 and eee26c9 - Incorporate the IETF's suggested revisions on integrity in #97, and then make further edits to relevant areas to clarify mixed content and SNI. Thanks to @josephlhall for the detailed pull request. e2061fe - A number of non-substantive copy changes, and rewording to reflect the transition from proposal to policy. Thank you again to everyone who participated! Fixes #78, fixes #79, fixes #80, fixes #81, fixes #83, fixes #84, fixes #86, fixes #87, fixes #88, fixes #89, fixes #92, fixes #93, fixes #94, fixes #95, fixes #96, fixes #97, fixes #98, fixes #99, fixes #100, fixes #101, fixes #103, fixes #104, fixes #105, fixes #106, and fixes #107.

Open Graph Description: The proposed HTTPS-Only Standard has now been finalized as the White House Office of Management and Budget memorandum M-15-13, "Policy to Require Secure Connections across Federal Websites and...

X Description: The proposed HTTPS-Only Standard has now been finalized as the White House Office of Management and Budget memorandum M-15-13, "Policy to Require Secure Connections across Federal Websites...

Opengraph URL: https://github.com/GSA/https/pull/108

X: @github

direct link

Domain: patch-diff.githubusercontent.com

route-pattern	/:user_id/:repository/pull/:id/files(.:format)
route-controller	pull_requests
route-action	files
fetch-nonce	v2:a2ae6853-ce9e-00ea-86b5-c535c937c3bd
current-catalog-service-hash	ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b
request-id	CB86:340321:6B6A5E3:8A9E86B:697583DC
html-safe-nonce	74e141d2b75b5a4b21ff3fcfcce5a1fc402ffada802a69d02ef93c76091090fc
visitor-payload	eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJDQjg2OjM0MDMyMTo2QjZBNUUzOjhBOUU4NkI6Njk3NTgzREMiLCJ2aXNpdG9yX2lkIjoiMzkyMjMyMjQyNzQ5NjIwMzIyOCIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9
visitor-hmac	e67c941b28e52459927a6b7e52175cc815c1fe007b58fd369bffb85e1498d2c7
hovercard-subject-tag	pull_request:37190491
github-keyboard-shortcuts	repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot
google-site-verification	Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-url	https://collector.github.com/github/collect
analytics-location	///pull_requests/show/files
fb:app_id	1401488693436528
apple-itunes-app	app-id=1477376905, app-argument=https://github.com/GSA/https/pull/108/files
twitter:image	https://avatars.githubusercontent.com/u/4592?s=400&v=4
twitter:card	summary_large_image
og:image	https://avatars.githubusercontent.com/u/4592?s=400&v=4
og:image:alt	The proposed HTTPS-Only Standard has now been finalized as the White House Office of Management and Budget memorandum M-15-13, "Policy to Require Secure Connections across Federal Websites and...
og:site_name	GitHub
og:type	object
hostname	github.com
expected-hostname	github.com
None	4a4bf5f4e28041a9d2e5c107d7d20b78b4294ba261cab243b28167c16a623a1f
turbo-cache-control	no-preview
diff-view	unified
go-import	github.com/GSA/https git https://github.com/GSA/https.git
octolytics-dimension-user_id	643070
octolytics-dimension-user_login	GSA
octolytics-dimension-repository_id	28724827
octolytics-dimension-repository_nwo	GSA/https
octolytics-dimension-repository_public	true
octolytics-dimension-repository_is_fork	false
octolytics-dimension-repository_network_root_id	28724827
octolytics-dimension-repository_network_root_nwo	GSA/https
turbo-body-classes	logged-out env-production page-responsive full-width
disable-turbo	true
browser-stats-url	https://api.github.com/_private/browser/stats
browser-errors-url	https://api.github.com/_private/browser/errors
release	488b30e96dfd057fbbe44c6665ccbc030b729dde
ui-target	full
theme-color	#1e2327
color-scheme	light dark

Links:

Skip to content	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files#start-of-content
	https://patch-diff.githubusercontent.com/
Sign in	https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2FGSA%2Fhttps%2Fpull%2F108%2Ffiles
GitHub CopilotWrite better code with AI	https://github.com/features/copilot
GitHub SparkBuild and deploy intelligent apps	https://github.com/features/spark
GitHub ModelsManage and compare prompts	https://github.com/features/models
MCP RegistryNewIntegrate external tools	https://github.com/mcp
ActionsAutomate any workflow	https://github.com/features/actions
CodespacesInstant dev environments	https://github.com/features/codespaces
IssuesPlan and track work	https://github.com/features/issues
Code ReviewManage code changes	https://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilities	https://github.com/security/advanced-security
Code securitySecure your code as you build	https://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they start	https://github.com/security/advanced-security/secret-protection
Why GitHub	https://github.com/why-github
Documentation	https://docs.github.com
Blog	https://github.blog
Changelog	https://github.blog/changelog
Marketplace	https://github.com/marketplace
View all features	https://github.com/features
Enterprises	https://github.com/enterprise
Small and medium teams	https://github.com/team
Startups	https://github.com/enterprise/startups
Nonprofits	https://github.com/solutions/industry/nonprofits
App Modernization	https://github.com/solutions/use-case/app-modernization
DevSecOps	https://github.com/solutions/use-case/devsecops
DevOps	https://github.com/solutions/use-case/devops
CI/CD	https://github.com/solutions/use-case/ci-cd
View all use cases	https://github.com/solutions/use-case
Healthcare	https://github.com/solutions/industry/healthcare
Financial services	https://github.com/solutions/industry/financial-services
Manufacturing	https://github.com/solutions/industry/manufacturing
Government	https://github.com/solutions/industry/government
View all industries	https://github.com/solutions/industry
View all solutions	https://github.com/solutions
AI	https://github.com/resources/articles?topic=ai
Software Development	https://github.com/resources/articles?topic=software-development
DevOps	https://github.com/resources/articles?topic=devops
Security	https://github.com/resources/articles?topic=security
View all topics	https://github.com/resources/articles
Customer stories	https://github.com/customer-stories
Events & webinars	https://github.com/resources/events
Ebooks & reports	https://github.com/resources/whitepapers
Business insights	https://github.com/solutions/executive-insights
GitHub Skills	https://skills.github.com
Documentation	https://docs.github.com
Customer support	https://support.github.com
Community forum	https://github.com/orgs/community/discussions
Trust center	https://github.com/trust-center
Partners	https://github.com/partners
GitHub SponsorsFund open source developers	https://github.com/sponsors
Security Lab	https://securitylab.github.com
Maintainer Community	https://maintainers.github.com
Accelerator	https://github.com/accelerator
Archive Program	https://archiveprogram.github.com
Topics	https://github.com/topics
Trending	https://github.com/trending
Collections	https://github.com/collections
Enterprise platformAI-powered developer platform	https://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security features	https://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI features	https://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 support	https://github.com/premium-support
Pricing	https://github.com/pricing
Search syntax tips	https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentation	https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in	https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2FGSA%2Fhttps%2Fpull%2F108%2Ffiles
Sign up	https://patch-diff.githubusercontent.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fpull_requests%2Fshow%2Ffiles&source=header-repo&source_repo=GSA%2Fhttps
Reload	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files
Reload	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files
Reload	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files
GSA	https://patch-diff.githubusercontent.com/GSA
https	https://patch-diff.githubusercontent.com/GSA/https
Notifications	https://patch-diff.githubusercontent.com/login?return_to=%2FGSA%2Fhttps
Fork 95	https://patch-diff.githubusercontent.com/login?return_to=%2FGSA%2Fhttps
Star 280	https://patch-diff.githubusercontent.com/login?return_to=%2FGSA%2Fhttps
Code	https://patch-diff.githubusercontent.com/GSA/https
Issues 16	https://patch-diff.githubusercontent.com/GSA/https/issues
Pull requests 11	https://patch-diff.githubusercontent.com/GSA/https/pulls
Actions	https://patch-diff.githubusercontent.com/GSA/https/actions
Projects 0	https://patch-diff.githubusercontent.com/GSA/https/projects
Security 0	https://patch-diff.githubusercontent.com/GSA/https/security
Insights	https://patch-diff.githubusercontent.com/GSA/https/pulse
Code	https://patch-diff.githubusercontent.com/GSA/https
Issues	https://patch-diff.githubusercontent.com/GSA/https/issues
Pull requests	https://patch-diff.githubusercontent.com/GSA/https/pulls
Actions	https://patch-diff.githubusercontent.com/GSA/https/actions
Projects	https://patch-diff.githubusercontent.com/GSA/https/projects
Security	https://patch-diff.githubusercontent.com/GSA/https/security
Insights	https://patch-diff.githubusercontent.com/GSA/https/pulse
Sign up for GitHub	https://patch-diff.githubusercontent.com/signup?return_to=%2FGSA%2Fhttps%2Fissues%2Fnew%2Fchoose
terms of service	https://docs.github.com/terms
privacy statement	https://docs.github.com/privacy
Sign in	https://patch-diff.githubusercontent.com/login?return_to=%2FGSA%2Fhttps%2Fissues%2Fnew%2Fchoose
konklone	https://patch-diff.githubusercontent.com/konklone
master	https://patch-diff.githubusercontent.com/GSA/https/tree/master
changes	https://patch-diff.githubusercontent.com/GSA/https/tree/changes
Conversation 0	https://patch-diff.githubusercontent.com/GSA/https/pull/108
Commits 15	https://patch-diff.githubusercontent.com/GSA/https/pull/108/commits
Checks 0	https://patch-diff.githubusercontent.com/GSA/https/pull/108/checks
Files changed 5	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files
Finalizing the HTTPS-Only Standard as formal policy	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files#top
Show all changes 15 commits	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files
45fedec Remove 'perfect' from forward secrecy section titanous Mar 17, 2015	https://patch-diff.githubusercontent.com/GSA/https/pull/108/commits/45fedec9ece394b38909e8d02263f17e7e20b229
6cb9a30 Changes per IETF IAB comments josephlhall Apr 9, 2015	https://patch-diff.githubusercontent.com/GSA/https/pull/108/commits/6cb9a30d860bde4be65fd027f8c8c93fa5168318
eee26c9 Tweaks to IETF submitted changes. konklone Apr 17, 2015	https://patch-diff.githubusercontent.com/GSA/https/pull/108/commits/eee26c95be09c12521d724bc7a9d5a8c27e75010
19c0a26 Emphasize that the HSTS max-age is also part of the requirement. konklone Apr 17, 2015	https://patch-diff.githubusercontent.com/GSA/https/pull/108/commits/19c0a26dbdc855f1001e6a8ee01f7bc59a6771c4
983bb1d remove public comment paragraph konklone Apr 17, 2015	https://patch-diff.githubusercontent.com/GSA/https/pull/108/commits/983bb1d51d10cdfdfcd2f954ee0eeed2e91221fb
e187758 technical assistance paragraph was duplicated konklone Apr 17, 2015	https://patch-diff.githubusercontent.com/GSA/https/pull/108/commits/e18775822ea8666574db1057fc9f5a7ca0feaf34
af9fe24 Merge branch 'patch-1' of https://github.com/titanous/https into changes konklone Apr 17, 2015	https://patch-diff.githubusercontent.com/GSA/https/pull/108/commits/af9fe24fa08c5eaa15d83f665e018bcc8fc08448
7f0836c Be more explicit about planning for change, mention FS. konklone Apr 17, 2015	https://patch-diff.githubusercontent.com/GSA/https/pull/108/commits/7f0836c528465b8b75f7ae5047d826c2bc028bc9
725b141 Be more explicit about prioritization, and compliance timeframe. konklone Apr 17, 2015	https://patch-diff.githubusercontent.com/GSA/https/pull/108/commits/725b1411d23efbe3bc6ed11f6cde8fd7ff742ed3
ff63269 be explicit about keeping apprised of besty practices konklone Apr 17, 2015	https://patch-diff.githubusercontent.com/GSA/https/pull/108/commits/ff63269c0c80282c16903fb1443729c3561067c9
fe39bc6 be explicit about keeping apprised of best practices konklone Apr 17, 2015	https://patch-diff.githubusercontent.com/GSA/https/pull/108/commits/fe39bc603665a66ac2bc9c8c270c862dd5d6cb18
6890052 Merge branch 'changes' of github.com:18F/https into changes konklone Apr 17, 2015	https://patch-diff.githubusercontent.com/GSA/https/pull/108/commits/6890052feeffd832e5c5ff98b503f64e54a34ee8
e2061fe more changes and language tweaks to match memo konklone Jun 8, 2015	https://patch-diff.githubusercontent.com/GSA/https/pull/108/commits/e2061fe566951deea75aeb248427a36c7029399e
fbeab38 clarify a bit konklone Jun 8, 2015	https://patch-diff.githubusercontent.com/GSA/https/pull/108/commits/fbeab384709552ae4ebe9bb2e1b9f8d21afc7eb8
8f614a0 fix a couple typos konklone Jun 8, 2015	https://patch-diff.githubusercontent.com/GSA/https/pull/108/commits/8f614a0fb2ef8a023ee918dd36bb772664323758
Clear filters	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files
Please reload this page	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files
Please reload this page	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files
everything.md	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files#diff-631b4d4aa6c4b7c764fbfa20c51555ef85cfb35aad9fa607fa04520eb277dd3b
index.md	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files#diff-b2f5779b89f495c49aa7af4e662fc4b17fea771493540c0a704e498ad55521c3
mixed-content.md	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files#diff-acb4b4cf3a34638bf788ffdb0f08cc1a1d09be6d1ade1e9da711ed0768b6edc6
sni.md	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files#diff-214fc7b271b116be2e06092a51c3d1cdd0446b04101d31d743e4e716da478df2
technical.md	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files#diff-e99980178fa444214950185f1b5dcb4d207d8d21ab3c054dd9959116cf835dfc
pages/everything.md	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files#diff-631b4d4aa6c4b7c764fbfa20c51555ef85cfb35aad9fa607fa04520eb277dd3b
View file	https://patch-diff.githubusercontent.com/GSA/https/blob/8f614a0fb2ef8a023ee918dd36bb772664323758/pages/everything.md
Open in desktop	https://desktop.github.com
	https://github.co/hiddenchars
	https://patch-diff.githubusercontent.com/GSA/https/pull/108/{{ revealButtonHref }}
	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files#diff-631b4d4aa6c4b7c764fbfa20c51555ef85cfb35aad9fa607fa04520eb277dd3b
	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files#diff-631b4d4aa6c4b7c764fbfa20c51555ef85cfb35aad9fa607fa04520eb277dd3b
	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files#diff-631b4d4aa6c4b7c764fbfa20c51555ef85cfb35aad9fa607fa04520eb277dd3b
	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files#diff-631b4d4aa6c4b7c764fbfa20c51555ef85cfb35aad9fa607fa04520eb277dd3b
Please reload this page	https://patch-diff.githubusercontent.com/GSA/https/pull/108/files
	https://github.com
Terms	https://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacy	https://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Security	https://github.com/security
Status	https://www.githubstatus.com/
Community	https://github.community/
Docs	https://docs.github.com/
Contact	https://support.github.com?tags=dotcom-footer

Viewport: width=device-width

URLs of crawlers that visited me.