Re: HSTS Misuse


Le 2016-05-23 10:49, Solarus Lumenor a écrit : 

> As long as HSTS in DNS is not standardized or implemented, the domain owner does not matters, it's only a server problem.

Sorry for this anwser. 

Assuming that HSTS is activated in the DNS zone, the problem is slightly
the same.
If you activate HSTS in a zone that serve HTTP, then the connexion will
be blocked.

There is no other solution than educate users to best pratices and good
use case. 

Human problems, human solutions. :)

Received on Monday, 23 May 2016 10:06:48 UTC