Having recently spent some time with OpenStates data, I noticed the state government websites varied … a lot. Wanting to quantify this variation, I used the SSL Labs scanner, Lighthouse, and some Ruby scripts to compare the 50 states, DC and Puerto Rico’s legislature’s websites.
The table below covers usability (is the hostname flexible), security (does it allow or require HTTPS), server configuration (SSL Labs) and performance (Google Lighthouse).
- Three sites don’t support HTTPS: Alabama, Kansas and Puerto Rico’s lower house. Mississippi downgrades HTTPS request to HTTP.
- Of the sites supporting HTTPS, Massachusetts, Maryland, New Hampshire and Rhode Island get an “F” grade. (Get it together, northeast!)
- New York’s old state assembly site (assembly.state.ny.us) still works and doesn’t redirect you to nyassembly.gov.
- The Michigan House uses house.mi.gov; house.michigan.gov redirects there (but doesn’t have a valid certificate).
- The Michigan Senate uses the opposite: senate.michigan.gov. Going to senate.mi.gov redirects you there (and also lacks a valid certificate).
- Alabama, Arkansas, Georgia, Iowa and Minnesota require you add a www prefix.
- Kentucky, Virginia and Vermont don’t permit www prefixes.
- The Minnesota state senate uses an
.mndomain, which belongs to the country of Mongolia. Seems like a security risk.