As y'all likely noticed, I worked through hasmat@ and websec@ mailing list
archives since approx Jul-2010 and documented issues with the HSTS spec that've
been raised, but aren't as yet addressed in
draft-ietf-websec-strict-transport-sec-01.
an overview report is available here..
http://trac.tools.ietf.org/wg/websec/trac/report/1?asc=1&sort=ticket
(that URI in the future will gen a report for all tickets submitted against all
WebSec WG specs, just fyi/fwiw)
If there's any issues with the HSTS spec you feel are salient and that I didn't
capture, please raise it on the list and/or submit a ticket.
I don't know if I'll be able to get the spec updated before Monday's I-D
cutoff, but I will get it updated before Quebec in any case.
thanks,
=JeffH
_______________________________________________
websec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/websec
