On Wednesday 06 April 2016 14:31:17 Juaristi Álamos, Ander wrote: > Hi all, > > Here are some patches for HSTS. > > - 0001: checks the HSTS database file is not world-writable, and > refuses to read it if it is, and disables HSTS. This was in my original
Doesn't it make sense to share the HSTS database globally ? It is basically global data (domain specific) and not user specific. Thinking forward, a central (trusted) database/daemon for HSTS entries would be nice - sooner or later almost any domain supports HSTS. Each process loading/saving a huge file would not be efficient. Same goes for e.g. cert pinning (but not for cookies which are private data). Regards, Tim
signature.asc
Description: This is a digitally signed message part.
