Shared publicly  - 
HTTP Strict Transport Security has been approved by the IETF as a proposed standard, which is excellent indeed. Nice work, +Jeff Hodges, +Colin Jackson, +Adam Barth, et al.

TL;DR: You can explain to a browser that it should always connect to your sites via HTTPS, regardless of address bar typos or man-in-the-middle attacks. Nice, eh? If you'd like more details, take a quick look at for a brief walkthrough.
As I'd noted back in July, the draft HSTS spec was in IETF-wide last call, from which we exited in August with various helpful comments. We applied summore elbow grease to the ol'spec and shipped it t...
Jeff Hodges (JeffH)'s profile photo
Add a comment...