HTTP Strict Transport Security: Five common mistakes and how to fix them
| Main Author: | Stefan Friedli |
|---|---|
| Other Authors: | Marc Ruef |
| Format: | Article |
| Bahasa: | eng |
| Terbitan: |
, 2019
|
| Subjects: | |
| Online Access: |
https://zenodo.org/record/3521970 |
Daftar Isi:
- Transport Encryption is an extremely powerful tool to increase the security of a website's users. The usage of HTTPS is incentivized, not using it comes with some additional downsides. HSTS closes the "initial access" gap when a user access the site via HTTP and needs to be redirected to HTTPS. There are five common mistakes that can easily be avoided, as outlined at the end of this article.
- This paper was written in 2019 as part of a research project at scip AG, Switzerland. It was initially published online at https://www.scip.ch/en/?labs.20190214 and is available in English and German. Providing our clients with innovative research for the information technology of the future is an essential part of our company culture.