Start of Main Content

HTTPS

Last updated November 09, 2017

This data measures how well federal web services support the HTTPS protocol (https://). HTTPS provides a secure connection across the internet between web services and their users. Federal agencies are required to enforce HTTPS and use HSTS (HTTP Strict Transport Security) as part of the White House Office of Management and Budget's M-15-13 and the Department of Homeland Security's Binding Operational Directive 18-01. BOD 18-01 also requires that agencies remove support for known-weak cryptography by disabling the RC4 and 3DES ciphers, and the SSLv2 and SSLv3 protocols.

All data below is collected from publicly available data sources on November 09, 2017, and must be considered public. See the technical guidance for more information on how this data is collected and measured.

HTTPS by agency. Table is sortable via first row table headers. Each row contains an agency and related attributes.
Agency Services Compliant with M-15-13 and BOD 18-01 Enforces HTTPS HSTS Free of RC4/3DES and SSLv2/SSLv3 Preloaded Domains