Re: VeriSign feedback/comments on STS -06

Henrik, what you are proposing is a solution to a different problem, here we
are concerned about webowners wanting their HTTP content to be served only
via a secure layer (HTTPS).

A change on how DNS/SSL works is not in the scope of STS nor the W3G

-- Eduardo

2010/5/17 Henrik Nordström <>

> mån 2010-05-17 klockan 16:17 -0700 skrev Michal Zalewski:
> > >> This would make it difficult to enroll (requiring changing all certs).
> > > Which is something you do anyway fairly frequently (every year or so)
> >
> > ...compared to the ability to toggle a HTTP header in a couple
> > minutes, for free (and roll back if things go wrong).
> Which imho is too easy. Once enabled it should not be too easy to
> disable without clients noticing.
> Regards
> Henrik

Received on Tuesday, 18 May 2010 00:41:37 UTC