Whether a website is secure depends on at least four fundamental factors: HTTPS encryption, cryptography algorithm, WAF protection, and trusted identity validation. This is why ZT Browser's UI innovation displays four security-related icons:
. In addition to the security padlock, it also displays the cryptographic algorithm, WAF protection, and website trusted identity validation level. Please refer to the innovation UI Icon Summary of ZT Browser for details.
ZT Browser is developed based on open-source Chromium. The default UI display for the security padlock icon is "Connection is secure", ZT Browser believes this is inaccurate. Deploying an SSL certificate and implementing HTTPS encryption on a website does not guarantee security; it simply indicates that the connection from the browser to the server is encrypted. Therefore, ZT Browser has changed this to "Connection is encrypted," followed by the SSL certificate's cipher algorithm (e.g., ECC) in parentheses. Clicking "Connection encrypted (ECC)" displays "Not Quantum-Safe" rather than the "Security" displayed in the original Chromium UI. This serves to highlight the urgency and necessity of websites migrating to post-quantum cryptography.
If a website supports post-quantum cryptography, the SSL certificate's algorithm icon ( /
/
) is not displayed, instead of displaying the "
" icon. The SSL certificate's algorithm will be displayed after "Connection is encrypted" (e.g., ECC). Clicking "Connection is encrypted (ECC)" will display "Quantum-Safe" instead of the "Security" displayed in the original Chromium UI. This indicates to users that the website's HTTPS encryption uses post-quantum cryptography, ensuring the continued security of confidential data both now and in the quantum era.
The first element of website security is HTTPS encryption, which encrypts information transmitted from the browser to the server, preventing confidential information from being leaked during transmission and effectively preventing illegal theft and tampering. This is a basic requirement. Without HTTPS encryption, all browsers will display the "Not secure" warning, which is a correct and accurate indication.
The second element is the cryptographic algorithm used for HTTPS encryption. If traditional cryptographic algorithms are used, data security is no longer guaranteed due to the "harvest now, decrypt later" security threat. Therefore, the second important icon of ZT Browser is the cryptographic algorithm used for HTTPS encryption. Learn more.
The third essential element is WAF protection, which is also indispensable. WAF can effectively prevent various attacks, preventing the illegal theft and tampering of information after it reaches the server from the browser. HTTPS encryption ensures the secure delivery of confidential information to the server, but once the information reaches the server, the task of preventing various attacks can only be performed by the Web Application Firewall (WAF). Without WAF protection, HTTPS encryption is meaningless! This is very important. HTTPS encryption and WAF protection each have their own responsibilities and areas of focus.
The fourth element is website trusted identity validation. A fake bank website may have HTTPS encryption, a security padlock icon displayed in the browser, and even WAF protection. However, these elements do not prove that the fake bank website is secure! Therefore, the website trusted identity validation is the fourth important element of website security, just as important as HTTPS encryption and WAF protection! The simplest website trusted identity validation is to deploy an IV SSL certificate, OV SSL certificate, or EV SSL certificate that has validated the website's identity. ZT Browser will correspond to display ,
,
icons. For websites that have only deployed DV SSL certificates that have not verified identity, ZT Browser will display
icon since the website identity is not validated. You can also apply for the Website Trusted Identity Validation Service of ZT Browser.
It is recommended to choose the ZoTrus HTTPS automation management solution, which does not need to apply for an SSL certificate from a CA, install an SSL certificate on the web server, or install ACME client software on the web server, and fully automatically implement https encryption and WAF protection. Since the validity period of SSL certificates will be shortened to 47 days, the traditional solution of manually applying for and deploying SSL certificates cannot meet the application requirements of many website systems that need to deploy SSL certificates, and the automatic management of SSL certificates must be realized. In particular, the critical information infrastructure system that needs to realize the SM2 algorithm HTTPS encryption, the solution that does not affect the normal operation of the existing business system with zero transformation of the original web server is required, ZoTrus solution not only automatically deploys the RSA/ECC SSL certificate, but also automatically deploys the SM2 SSL certificate to realize the automatic management of the dual-algorithm SSL certificate. ZT Browser preferentially uses the SM2 algorithm to achieve HTTPS encryption, and other browsers that do not support the SM2 algorithm use the ECC algorithm to achieve HTTPS encryption. For websites that already support the post-quantum hybrid cryptographic protocol, ZT Browser prioritizes the post-quantum hybrid cryptographic protocol for HTTPS encryption and displays "" icon the address bar.