PrivacyWonk moves to TLS (finally...)

After waiting for what seemed like an eternity, the site finally has a Let's Encrypt certificate!

I took some time to set up TLS properly this evening (total project time: 2 hours), following fantastic guides from Mozilla and other sources (WeakDH.org, Qualys SSL Server Test, and Scott Helme's SecurityHeaders) to ensure a secure and modern implementation. See reports below.

Was this necessary for a site that simply serves up my idle thoughts on privacy and security? Absolutely.

Why?

Because if I can do it for my little blog serving an annual readership of 20k (most of which are SEO spammers), you can do it for your web app that collects, uses, and disseminates data. 

It's 2015; it's time for this level of encryption and site protection to become the new normal. Invest in AppSec, invest in Security Engineering, and invest in the trust of your customer or reader.

--------------------- 

Qualys Report: Yahtzee!

SecurityHeaders Report: Content-Security-Policy and Public-Key-Pins will be future projects for the site.