A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Security Working Group of the IETF.
Title : HTTP Strict Transport Security (HSTS)
Author(s) : Jeff Hodges
Collin Jackson
Adam Barth
Filename : draft-ietf-websec-strict-transport-sec-14.txt
Pages : 54
Date : 2012-09-29
Abstract:
This specification defines a mechanism enabling web sites to declare
themselves accessible only via secure connections, and/or for users
to be able to direct their user agent(s) to interact with given sites
only over secure connections. This overall policy is referred to as
HTTP Strict Transport Security (HSTS). The policy is declared by web
sites via the Strict-Transport-Security HTTP response header field,
and/or by other means, such as user agent configuration, for example.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-websec-strict-transport-sec
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-ietf-websec-strict-transport-sec-14
A diff from the previous version is available at:
http://www.ietf.org/rfcdiff?url2=draft-ietf-websec-strict-transport-sec-14
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
websec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/websec
