Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

+ - IETF Grants HTTP Strict Transport Security (HSTS) Proposed Standard Status->

Submitted by Anonymous Coward
An anonymous reader writes: The Internet Engineering Task Force (IETF) has granted the HTTP Strict Transport Security (HSTS), a security protocol designed to protect Internet users from hijacking, the status of proposed standard. The HSTS is an opt-in security enhancement whereby web sites signal browsers to always communicate with it over a secure connection. If the user is using a browser that complies with HSTS policy, the browser will automatically switch to a secure version of the site, using ‘https’ without any intervention of the user. The main purpose of the web security protocol is to prevent HTTP session hijacking where user accounts are at risk of being comprised by a malicious user who is snooping on the session traffic.
Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

IETF Grants HTTP Strict Transport Security (HSTS) Proposed Standard Status

Comments Filter:

The question of whether computers can think is just like the question of whether submarines can swim. -- Edsger W. Dijkstra