Bug#832920: HSTS

To: Hanno Böck <hanno@hboeck.de>, 832920@bugs.debian.org
Subject: Bug#832920: HSTS
From: Julien Cristau <jcristau@debian.org>
Date: Fri, 29 Jul 2016 18:44:57 +0200
Message-id: <[🔎] 20160729164457.GA22628@betterave.cristau.org>
Reply-to: Julien Cristau <jcristau@debian.org>, 832920@bugs.debian.org
In-reply-to: <[🔎] 20160729115445.0d3b64ef@pc1>
References: <[🔎] 20160729115445.0d3b64ef@pc1>

On Fri, Jul 29, 2016 at 11:54:45 -0400, Hanno Böck wrote:

> Please also add an HSTS header to enforce future connections to be
> HTTPS and avoid SSL Stripping attacks.

Can't add something that's already there.
$ HEAD https://www.debian.org/ | grep Strict
Strict-Transport-Security: max-age=15552000

Cheers,
Julien

Reply to:

References:
- Bug#832920: HSTS
  - From: Hanno Böck <hanno@hboeck.de>

Prev by Date: Bug#832920: HSTS
Next by Date: comments about FlashBios page
Previous by thread: Bug#832920: HSTS
Next by thread: comments about FlashBios page
Index(es):
- Date
- Thread