This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Talk:HTTP Strict Transport Security

From OWASP
Revision as of 08:36, 16 April 2013 by Shane Argo (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

I would like to make a change to this page, but would like to check it's okay first. The IIS solution currently proposed on this page technically doesn't follow the spec, as Section 7.2 specifies that the header must not be send over non-secure connections. I have written an open source IIS module which implements HSTS as per the specification which I would like to reference it here, but I am concerned that it may be interpreted as advertising or some other unacceptable update. I have read the Wikipedia editing guidelines referenced from the Help:Editing page and this change appears to be acceptable. --Shane Argo 02:21, 3 April 2013 (UTC)

Update re: open source HSTS IIS module after receiving approval from Michael Coates via email. --Shane Argo 08:36, 16 April 2013 (UTC)

Retrieved from "https://wiki.owasp.org/index.php?title=Talk:HTTP_Strict_Transport_Security&oldid=149911"