On Apr 20, 2012, at 2:18 PM, =JeffH wrote: > In looking at this section, which is attempting to only (non-normatively) > summarize the effects of the HSTS policy, it occurs to me it should be > streamlined down to.. > > > 2. The UA terminates any secure transport connection attempts upon > any and all secure transport errors or warnings. > > > ..because section 10.2 now addresses details wrt "self-signed certs" and such.
That would be *much* better for section 2. Any "such as" will fool implementers into thinking you have a complete list. --Paul Hoffman _______________________________________________ websec mailing list [email protected] https://www.ietf.org/mailman/listinfo/websec
