Re: HSTS Misuse

On Mon, May 23, 2016 at 6:37 AM, Philipp Junghannß <teamhydro55555@gmail.com
> wrote:

> also lets not forget that what will happen if we have an obnoxiouslyy long
> HSTS and the domain gets sold?
>

A domain with a smaller bootstrap vulnerability against MITM would be more
valuable to a sensible buyer. It's 2016 afterall - worrying about how to
avoid https is needlessly swimming against the tide.

I've actually wondered about a https only TLD for the same benefit.

Received on Tuesday, 24 May 2016 13:45:30 UTC