Re: [UPGRADE]: What's left?

On 6 March 2015 at 10:43, Mike West <mkwst@google.com> wrote:
> I don't understand why HSTS needs to be conditionally set. Presumably you're
> only redirecting "safely upgradable requests" to HTTPS if you're this spec's
> target audience.

I understood this as "If you support this upgrade, might as well just
use HSTS".  But can't save the extra bytes by disabling this signal if
HSTS is enabled?

Received on Friday, 6 March 2015 19:17:22 UTC