Thread: Security HSTS becomes IETF proposed standard
View Single Post
  #1   (View Single Post)  
Old 3rd October 2012
J65nko J65nko is offline
Administrator
  
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,131
Default HSTS becomes IETF proposed standard
From http://h-online.com/-1722502

Quote:
HSTS, the HTTP Strict Transport Security protocol, has been approved as a proposed standard by the IETF. HSTS is designed to allow web sites to ensure that only secure connections are being made to them by informing browsers that they should use a secure connection. The mechanism works by the server responding with a Strict-Transport-Security header which signals to the browser that it should connect using HTTPS for a time, not only for this connection but, potentially for subdomains as well. Once a browser gets this header it is under orders to only use secure connections to the site.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote