HTTP Strict Transport Security and the IETF WebSec Working Group

The HTTP Strict Transport Security (HSTS) spec is now an IETF Internet-Draft, and available here (for now; more about that below):

We had a successful “HASMAT” (for “HTTP Application Security Minus Authentication & Transport”) BoF at IETF-78 Maastricht last July, which has resulted in the formation of a new IETF Working Group: WebSec. Plus, the HSTS spec, and two others, were adopted as working group items.


So this means I need to get off my butt and edit the HSTS spec such that it’s a proper “working group (internet-)draft” and get it published….

Leave a Reply

You must be logged in to post a comment.