We’re in the near-final push here on getting the HTTP Strict Transport Security (HSTS) draft spec to be published as an RFC.

The most recent draft version (revision -11 as of this writing) is here..

https://tools.ietf.org/html/draft-ietf-websec-strict-transport-sec

And the IESG‘s announcement for IETF-wide Last Call is here..

https://www.ietf.org/mail-archive/web/ietf-announce/current/msg10470.html

We’re coming around the last corner and the finish line is in sight!

See also the Wikipedia entry for HSTS — it has info on the spec’s history, applicability, deployment, and implementations.

Average Rating: 4.7 out of 5 based on 278 user reviews.

[ | | | from fda approved pharmacy | ]

This entry was posted on Wednesday, July 11th, 2012 at 1:13 pm and is filed under IETF, Security, Web Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “”

  1. IdentityMeme.org » Blog Archive » HTTP Strict Transport Security (HSTS) Approved as Proposed Standard RFC says:
    October 2, 2012 at 8:38 am

    […] As I’d noted back in July, the draft HSTS spec was in IETF-wide last call, from which we exited in August with various helpful comments. We applied summore elbow grease to the ol’spec and shipped it to the IESG (Internet Engineering Steering Group) for further inspection, received more good comments, subsequently applied more tweaks and polish, and voila(!), this morning we have this little missive in our email… [websec] Protocol Action: ‘HTTP Strict Transport Security (HSTS)’ to Proposed Standard (draft-ietf-websec-strict-transport-sec-14.txt) […]

Leave a Reply

You must be logged in to post a comment.