[jira] [Updated] (TS-4502) HSTS should clip to the certificate expiry

Leif Hedstrom (JIRA) Fri, 03 Jun 2016 15:20:18 -0700

     [ 
https://issues.apache.org/jira/browse/TS-4502?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Leif Hedstrom updated TS-4502:
------------------------------
    Fix Version/s: sometime

> HSTS should clip to the certificate expiry
> ------------------------------------------
>
>                 Key: TS-4502
>                 URL: https://issues.apache.org/jira/browse/TS-4502
>             Project: Traffic Server
>          Issue Type: Improvement
>          Components: SSL
>            Reporter: James Peach
>             Fix For: sometime
>
>
> When using {{proxy.config.ssl.hsts_max_age}} to send a strict transport 
> security header, we should examine the expiry of the certificate we are 
> servige the request with, and clip the max HSTS age to the expiry of the 
> certificate. This would prevent browsers puking on HSTS when certificates 
> expire legitimately.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (TS-4502) HSTS should clip to the certificate expiry

Reply via email to