The HTTP Strict Transport Security (HSTS) spec is now an IETF Internet-Draft, and available here (for now; more about that below): http://tools.ietf.org/html/draft-hodges-strict-transport-sec

We had a successful “HASMAT” (for “HTTP Application Security Minus Authentication & Transport”) BoF at IETF-78 Maastricht last July, which has resulted in the formation of a new IETF Working Group: WebSec. Plus, the HSTS spec, and two others, were adopted as working group items.

Yea!

So this means I need to get off my butt and edit the HSTS spec such that it’s a proper “working group (internet-)draft” and get it published….

This entry was posted on Thursday, October 28th, 2010 at 3:27 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.