W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2015

Re: HSTS Priming, continued.

From: Brad Hill <hillbrad@gmail.com>
Date: Fri, 06 Nov 2015 17:40:08 +0000
Message-ID: <CAEeYn8i-g+Z-JupzObRVELAeEQLb+E45rw52zFiMPW-UHbMtRQ@mail.gmail.com>
To: Mike West <mkwst@google.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Cc: Richard Barnes <rbarnes@mozilla.com>, Jeff Hodges <jeff.hodges@paypal.com>, Anne van Kesteren <annevk@annevk.nl>, Adam Langley <agl@google.com>
I like it.  Even if you don't want to apply it normatively to navigational
requests, it might be useful to suggest that the prefetcher, if one exists,
should perform priming.

On Fri, Nov 6, 2015 at 6:33 AM Mike West <mkwst@google.com> wrote:

> The discussion at TPAC more or less convinced me that Richard's HSTS
> Priming proposal is a good one that we should explore. To that end, I put
> together a little bit more detail about what it would mean for Fetch and
> etc. so that we have more details to argue about.
>
> I'd appreciate it if you'd take a quick look at
> https://mikewest.github.io/hsts-priming/ and give some feedback about
> those details (Note: I think the normative changes should end up in Fetch
> and HSTS and MIX, but it's easier to discuss a single document than a set
> of diffs).
>
> CCing some folks who I think might be particularly interested.
>
>
> -mike
>
Received on Friday, 6 November 2015 17:40:56 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:16 UTC