Google Chrome’s security team plans to revamp the URL

URLs should be understandable, identifiable and convenient

Google Chrome is changing, but the browser’s biggest change has yet to come.

Chrome’s security team is looking at changing the URL.

“People have a really hard time understanding URLs,” Chrome’s engineering manager, Adrienne Porter Felt, told Wired.

URLs, or Uniform Resource Locators, are those strings of letters, numbers and slashes you see in the address bar at the top of your browser. These are used to direct browsers to the right place when browsing the web.

A browser will bring a URL to the web’s DNS address book. That address book will identify the right Internet Protocol (IP) address for the URL. Those IP addresses identify and differentiate web servers.

In short, it’s simpler to type ‘mobilesyrup.com’ into the address bar and let your browser do the work than it is to type a long string of numbers and letters.

The problem is that URLs have become more and more difficult to understand. More often than not, URLs are unintelligible strings of letters and numbers themselves.

The lack of clarity makes it easy for criminals to exploit people by playing on that confusion. These criminals can easily create fake websites that impersonate real websites.

So, Chrome wants to fix the URL. But finding a solution that’s as open and flexible as the URL, that’s also more convenient and secure for users isn’t easy.

The security team has a few ideas, but they’re not ready to share them yet. Instead, the team wants to identify all the ways we use URLs so they can find the best alternative.

Despite the necessity of change, the team recognizes that any change will be controversial.

In 2014, the team tried a solution called the ‘origin chip.’ The chip only showed the main domain name of websites to help users identify where they were actually browsing. To see the full URL, users could click the chip to expand it.

However, Google stopped the rollout after receiving criticism.

More recently, Google messed with HTTPS standards. Chrome began marking sites using HTTP as ‘not secure’ in Chrome 68. This was one of many steps in a lengthy plan to highlight insecure sites instead of secure sites.

However, the Chrome team told Wired that it received backlash over this change too.

Knowing how controversial changes to the web can be, the Chrome team plans to take its time with URLs. The team wants to get it right.

Source: Wired