On Aug 10, 2014, at 2:28 PM, Tobias Gondrom <[email protected]> wrote:
> Thanks. > > I agree, this is an "update" and not an "errata". > > However, am not sure how to best retain this information: > Because this is a good point for a best practice. > And be it only in advising the best practice when using HSTS, like > simply including one link to the parent https://example.com to avoid > having unprotected parent-domains. Well, if we could talk Eric into writing a draft… _______________________________________________ websec mailing list [email protected] https://www.ietf.org/mailman/listinfo/websec
