I can’t do a detailed post right now, pointing to announcement message and the spec itself will have to do. This is what I’ve been working on since joining PayPal…

fyi: Strict Transport Security specification
http://lists.w3.org/Archives/Public/public-webapps/2009JulSep/1148.html

draft-hodges-strict-transport-sec-05.plain.html
http://lists.w3.org/Archives/Public/www-archive/2009Sep/0051.html

This specification embodies and refines the approach proposed in..

ForceHTTPS: Protecting High-Security Web Sites from Network Attacks
https://crypto.stanford.edu/forcehttps/forcehttps.pdf

=JeffH sez check it out!

This entry was posted on Saturday, September 19th, 2009 at 7:38 am and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.