Is there some way we could add an annotation to DNS that makes it clear a given domain for the purposes of HTTP is only available over port 443 using TLS? DNS can be easily spoofed of course so you also want HSTS, but perhaps it would be sufficient to be able to disable port 80 entirely.
-- https://annevankesteren.nl/ _______________________________________________ websec mailing list [email protected] https://www.ietf.org/mailman/listinfo/websec
