You might notice in the coming days, that all the Cruise Ship Wave Network 75 websites will have a new website address. The new addresses will all start with https:// instead of http//.
What is https? Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. The ‘S’ at the end of HTTPS stands for ‘Secure’.
It means all communications between your browser and the website are encrypted. We have applied for and are receiving security certificates for each of our websites, just like websites like Amazon, Walmart, Ebay, your bank and government websites and secure most online shopping websites.
This means if you submit a contact form to us through one of our website contact forms, your communication is secure. You can tell the communication is secure, because you will see this icon in address bar of your browser. Look at the address bar right now and note the secure address.
If your bookmark goes to an old address beginning with http:// or www , worry not you will automatically direct to the secured website. You are not actually leaving our old website. It’s the same website with an extra layer of security. We have 75 websites to secure and your security is very important to us.
Why are some websites not adding that extra layer of security?
- Some website hosts charge for the security certificate and if the website does not sell anything online with a shopping cart, they may not be able to justify the cost. For example, a company known as Thawte offers five SSL certificate options; Thawte SSL ($149/yr), Web Server SSL ($249/yr), Web Server EV SSL ($599/yr)and SGC SuperCerts ($699) and Wildcard SSL ($639/yr). All the certificates have 128/256 bit encryption and come with warranty ranging from 100,000 US to 500,000 USD.
- Some website owners may not want the extra red tape. It’s a lot of work to get everything right.
- The encryption/decryption represents a computation overhead for both server and browser. Most modern client systems will probably not notice this, but on a busy server handling multiple simultaneous HTTPS connections this could be a problem.
- Some firewall or proxy systems may not allow access to HTTPS sites. Sometimes this is simply because the administrators have forgotten to allow for HTTPS. However sometimes it is a conscious security decision: since HTTPS connections are end-to-end encrypted, they can be used to carry any traffic at all. Allowing them through a firewall, which then has no way to look inside the data stream, could allow any sort of data transfer (in either direction).
- Some websites may not qualify for the certificate due to the type of content they have. Generally, hacked/hacker websites do NOT have a security certificate.