Last updated October 15, 2019
This data measures how well federal web services support the HTTPS protocol (
https://). HTTPS provides a secure connection across the internet between web services and their users. Federal agencies are required to enforce HTTPS and use HSTS (HTTP Strict Transport Security) as part of the White House Office of Management and Budget's M-15-13 and the Department of Homeland Security's Binding Operational Directive 18-01. BOD 18-01 also requires that agencies remove support for known-weak cryptography by disabling the RC4 and 3DES ciphers, and the SSLv2 and SSLv3 protocols.
All data below is collected from publicly available data sources on October 15, 2019, and must be considered public. See the technical guidance for more information on how this data is collected and measured. Agencies with questions about their results shown here can contact firstname.lastname@example.org.