Google Chrome will support Signed HTTP Exchanges

The secure loading of HTTP Exchanges by Google has now been approved by the Internet Engineering Task Force and is supported in subsequent releases. The main purpose of this feature is to continue to improve the page loading performance under security conditions, but in addition to the browser, a variety of supply chains are required for support.

The current security loading is mainly to encrypt all the resources of the webpage through HTTPS, while HTTPS requires the server to retain the digital certificate for verification. To simplify the distribution of website content, Google initiated this protocol to ensure HTTPS encryption but does not require server consistency when the browser loads website resources.

For example, a more general resource can be loaded from the website source server when loading, or it can be loaded by other servers through this feature. However, in order to ensure security, this also requires support from the supply chain. The distribution network Cloudflare and the issuing authority Cloudflare have already supported this feature.

This feature was initiated by Google and is currently the main promoter of Google. In fact, this feature was actually developed by Google for the AMP mobile page acceleration program.

The HTTP Exchanges protocol allows websites to use their own domain names, but all AMP page resources are distributed by Google. If you want to achieve this goal and guarantee full HTTPS, you need HTTP Exchanges to support, otherwise, it may be blocked when loading. So essentially this is Google’s simplification of the AMP acceleration page build distribution, it is estimated that other sites should not use this agreement in addition to this purpose.