W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2015

HSTS Priming, continued.

From: Mike West <mkwst@google.com>
Date: Fri, 6 Nov 2015 15:33:11 +0100
Message-ID: <CAKXHy=cqvrdMv_Aat6CjAsJ41taU4Yduz2NC1fbu5FYRaNBM1w@mail.gmail.com>
To: "public-webappsec@w3.org" <public-webappsec@w3.org>
Cc: Richard Barnes <rbarnes@mozilla.com>, Jeff Hodges <jeff.hodges@paypal.com>, Anne van Kesteren <annevk@annevk.nl>, Brad Hill <hillbrad@gmail.com>, Adam Langley <agl@google.com>
The discussion at TPAC more or less convinced me that Richard's HSTS
Priming proposal is a good one that we should explore. To that end, I put
together a little bit more detail about what it would mean for Fetch and
etc. so that we have more details to argue about.

I'd appreciate it if you'd take a quick look at
https://mikewest.github.io/hsts-priming/ and give some feedback about those
details (Note: I think the normative changes should end up in Fetch and
HSTS and MIX, but it's easier to discuss a single document than a set of
diffs).

CCing some folks who I think might be particularly interested.

-mike
Received on Friday, 6 November 2015 14:34:01 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:16 UTC