Senator Ron Wyden (D-Ore.) on Tuesday asked the chief information officer at the U.S. Department of Defense (DoD) to take immediate action to ensure that the organization’s websites use HTTPS.

The senator noted that some of the DoD’s websites, such as the ones belonging to the NSA, the Army, and the Air Force, do use HTTPS by default and certificates trusted by major web browsers, but many other sites either don’t use HTTPS at all or they rely on digital certificates issued by the DoD Root Certificate Authority. Certificates issued by the DoD itself trigger security warnings in browsers.