Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Submission + - IETF Grants HTTP Strict Transport Security (HSTS) Proposed Standard Status (paritynews.com)

An anonymous reader writes: The Internet Engineering Task Force (IETF) has granted the HTTP Strict Transport Security (HSTS), a security protocol designed to protect Internet users from hijacking, the status of proposed standard. The HSTS is an opt-in security enhancement whereby web sites signal browsers to always communicate with it over a secure connection. If the user is using a browser that complies with HSTS policy, the browser will automatically switch to a secure version of the site, using ‘https’ without any intervention of the user. The main purpose of the web security protocol is to prevent HTTP session hijacking where user accounts are at risk of being comprised by a malicious user who is snooping on the session traffic.
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

IETF Grants HTTP Strict Transport Security (HSTS) Proposed Standard Status

Comments Filter:

We don't really understand it, so we'll give it to the programmers.