Statement on CIA Website Enhancement
July 17, 2006
Effective July 17, the Central Intelligence Agency website began using industry-standard SSL [external link disclaimer] (secure sockets layer) to enable secure communications between visitors' browsers and our Web server and a digital SSL server certificate issued by a trusted commercial Certificate Authority to authenticate that visitors are connected to the CIA website and not a copy of it. Currently, the site uses an SSL certificate only to protect information submitted by visitors through the website's three comment forms and the CIA Careers resume form.
SSL and/or the digital certificate will:
provide authentication that the website is the CIA website and not a copy of it.
ensure visitors' privacy when browsing pages or submitting information;
and ensure that data exchanged between the website and the visitor's browser cannot be tampered with or altered while transiting the Internet.
Implementing SSL has practical consequences: The site's address (URL) will change from http://www.cia.gov to https://www.cia.gov. As a result:
Bookmarks to the CIA website will not work properly until updated with the new address.
Search engine links to the website will point to the old non-SSL pages until search engines re-index the site.
To minimize inconvenience, visitors trying to connect to the old address for the CIA, the CIA Careers, and the World Factbook home pages will be taken directly to the requested page at the new address. Those attempting to view any other page or document will be taken to an interim page designed to help them find what they are looking for.
We believe the inconveniences of implementing SSL for the entire website will be offset by increased visitor confidence that they are, in fact, connected to the CIA website and that their visits are secure and confidential.