Shared publicly  - 
HTTP Strict Transport Security has been approved by the IETF as a proposed standard, which is excellent indeed. Nice work, +Jeff Hodges, +Colin Jackson, +Adam Barth, et al.

TL;DR: You can explain to a browser that it should always connect to your sites via HTTPS, regardless of address bar typos or man-in-the-middle attacks. Nice, eh? If you'd like more details, take a quick look at for a brief walkthrough.
As I'd noted back in July, the draft HSTS spec was in IETF-wide last call, from which we exited in August with various helpful comments. We applied summore elbow grease to the ol'spec and shipped it t...
Michael[tm] Smith's profile's profile photoMarco Ferrari's profile photoWeb Developers Sandbox's profile photo
Add a comment...