I know many here host websites. If you are managing your website yourself, then this is something you probably need to think about.
Nearly 10% of the top 10M websites are now offering HTTP/2, which gives tangible performance improvements over HTTP/1.1. If you run your own server, adopting HTTP/2 looks be quite easy as it's supported by both current versions of Apache2 and NGINX. If you are reliant on web hosting, then you will need to check with your host whether they are using the new standard.
HTTP/2 at it's draft stages was going to be HTTPs only. Fortunately that requirement was dropped. Unfortunately, all the common web browsers are insisting on TLS (HTTPs) for all sites accessed using HTTP/2. So that means, if you don't currently have HTTPs enabled for your website, you are going to need it.
It's fairly well understood that Google as pushing for more sites to use HTTPs. In January 2017 Chrome will soon start alerting users that HTTP sites are insecure. It's also believed that Google will in future start marking it's search results for HTTP sites as insecure too. ( - it's already widely accepted that Google are prioritising HTTPs sites over HTTP ones).
http://www.ubergizmo.com/2016/09/google-http-websites-not-secure/
Is anyone here already using HTTP/2? (I'm not, but it's something I will start looking into soon).
What about HTTPs/TLS? ... (I've not seen it as a concern before now because non of my public-facing sites collect any data).
Nearly 10% of the top 10M websites are now offering HTTP/2, which gives tangible performance improvements over HTTP/1.1. If you run your own server, adopting HTTP/2 looks be quite easy as it's supported by both current versions of Apache2 and NGINX. If you are reliant on web hosting, then you will need to check with your host whether they are using the new standard.
HTTP/2 at it's draft stages was going to be HTTPs only. Fortunately that requirement was dropped. Unfortunately, all the common web browsers are insisting on TLS (HTTPs) for all sites accessed using HTTP/2. So that means, if you don't currently have HTTPs enabled for your website, you are going to need it.
It's fairly well understood that Google as pushing for more sites to use HTTPs. In January 2017 Chrome will soon start alerting users that HTTP sites are insecure. It's also believed that Google will in future start marking it's search results for HTTP sites as insecure too. ( - it's already widely accepted that Google are prioritising HTTPs sites over HTTP ones).
http://www.ubergizmo.com/2016/09/google-http-websites-not-secure/
Is anyone here already using HTTP/2? (I'm not, but it's something I will start looking into soon).
What about HTTPs/TLS? ... (I've not seen it as a concern before now because non of my public-facing sites collect any data).