On Fri, Oct 14, 2011 at 5:56 PM, Tom Ritter <[email protected]> wrote: > I agree. Separating it into a header may also enable it to find its > way into other protocols that travel over TLS, and reuse some of the > same parsing/validation code.
Actually, there is nothing too HTTP-specific about HSTS as it exists now, so you could conceivably use it in other header-having protocols. I am ok with putting pins in their own header. I'll be rolling another rev of the document and will send it around! Thanks again, all. _______________________________________________ websec mailing list [email protected] https://www.ietf.org/mailman/listinfo/websec
