Re: [websec] #34: HSTS cache manipulation and misuse by server enabled by wildcard certRe: [websec] #34: HSTS cache manipulation and misuse by server enabled by wildcard cert
Yoav Nir
2012-01-15
websec
/arch/msg/websec/U-RqCwpU0BpkqXBWsxXmcMTwz7Y/
1504425
1665285
[websec] #34: HSTS cache manipulation and misuse by server enabled by wildcard cert[websec] #34: HSTS cache manipulation and misuse by server enabled by wildcard cert
websec issue tracker
2012-01-15
websec
/arch/msg/websec/pF1YvW5YOSl-Gaiwor35W583P74/
1504424
1665285
Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux)Re: [websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux)
Julian Reschke
2012-01-14
websec
/arch/msg/websec/R6w6mnWqEGXEmrByG_lSUYJ49tg/
1504423
1665286
[websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux)[websec] of quoted-string header field param value syntax (was: Strict-Transport-Security syntax redux)
=JeffH
2012-01-14
websec
/arch/msg/websec/5IoCdxcEdvIxLMaPdEKTMFpQ8Lo/
1504422
1665286
Re: [websec] scope of mimesniff: roles vs. contexts vs. delivery channelsRe: [websec] scope of mimesniff: roles vs. contexts vs. delivery channels
Tobias Gondrom
2012-01-12
websec
/arch/msg/websec/G22gY8jQM9HKCq-lWXYb6yvvXOg/
1504421
1665287
Re: [websec] scope of mimesniff: roles vs. contexts vs. delivery channelsRe: [websec] scope of mimesniff: roles vs. contexts vs. delivery channels
Bjoern Hoehrmann
2012-01-11
websec
/arch/msg/websec/wUcjExxeDPf-1YphBkGwBqindsg/
1504420
1665287
[websec] scope of mimesniff: roles vs. contexts vs. delivery channels[websec] scope of mimesniff: roles vs. contexts vs. delivery channels
Larry Masinter
2012-01-11
websec
/arch/msg/websec/Uq-I_4-dCQpZUAdxGA2z7xgAV4A/
1504419
1665287
Re: [websec] Is sniffing a heuristic? (was Re: more on sniffing)Re: [websec] Is sniffing a heuristic? (was Re: more on sniffing)
SM
2012-01-09
websec
/arch/msg/websec/yOIfGVMB15rCVRJZ1F81rdZ-EP4/
1504418
1665289
Re: [websec] Is sniffing a heuristic? (was Re: more on sniffing)Re: [websec] Is sniffing a heuristic? (was Re: more on sniffing)
Gervase Markham
2012-01-09
websec
/arch/msg/websec/G19HHzh8sqZKakNHAgwQBYnBV9k/
1504417
1665289
Re: [websec] mimesniff feedback, part 2Re: [websec] mimesniff feedback, part 2
Tobias Gondrom
2012-01-09
websec
/arch/msg/websec/y8oxKgM2Px4sUBGrTWHm1Ogfo1k/
1504416
1665308
Re: [websec] Strict-Transport-Security syntax reduxRe: [websec] Strict-Transport-Security syntax redux
Paul Hoffman
2012-01-09
websec
/arch/msg/websec/uj5Bz2S3oJcHxFEhsP0u7q0wHt4/
1504415
1665356
Re: [websec] Strict-Transport-Security syntax reduxRe: [websec] Strict-Transport-Security syntax redux
Julian Reschke
2012-01-09
websec
/arch/msg/websec/VMmK8iGbwEF7ZQLjlaZzQEqS_9g/
1504414
1665356
Re: [websec] Strict-Transport-Security syntax reduxRe: [websec] Strict-Transport-Security syntax redux
Adam Barth
2012-01-09
websec
/arch/msg/websec/-JNYtC5xnhehVxKRc6xCCVt2bNw/
1504413
1665356
Re: [websec] Strict-Transport-Security syntax reduxRe: [websec] Strict-Transport-Security syntax redux
Bjoern Hoehrmann
2012-01-09
websec
/arch/msg/websec/uAVO4qaOqSvLpmAoDnIuqq4OmnA/
1504412
1665356
[websec] When is sniffing heuristic?[websec] When is sniffing heuristic?
Larry Masinter
2012-01-09
websec
/arch/msg/websec/ZlmL6Y6o0GNzMapcy8Wz0mHO5Y4/
1504411
1665288
Re: [websec] Is sniffing a heuristic? (was Re: more on sniffing)Re: [websec] Is sniffing a heuristic? (was Re: more on sniffing)
Bjoern Hoehrmann
2012-01-08
websec
/arch/msg/websec/8M-lPNuyu0Z5cBSa4TmiHKjnWVU/
1504410
1665289
[websec] Is sniffing a heuristic? (was Re: more on sniffing)[websec] Is sniffing a heuristic? (was Re: more on sniffing)
Adam Barth
2012-01-08
websec
/arch/msg/websec/t2JcG6I2i0dTSv5ndcLDgFVQwUA/
1504409
1665289
Re: [websec] more on sniffingRe: [websec] more on sniffing
Adam Barth
2012-01-08
websec
/arch/msg/websec/_WTTu0PqSaqvGba3MRNhienLCZU/
1504408
1665290
Re: [websec] mimesniff feedback, part 2Re: [websec] mimesniff feedback, part 2
Adam Barth
2012-01-08
websec
/arch/msg/websec/p3b8486n4SET-aSPehr1xlE6JKk/
1504407
1665308
[websec] more on sniffing[websec] more on sniffing
Larry Masinter
2012-01-08
websec
/arch/msg/websec/BGYkTljBiwYJfIF20FCzZsVgiJU/
1504406
1665290
Re: [websec] mimesniff feedback, part 2Re: [websec] mimesniff feedback, part 2
Larry Masinter
2012-01-08
websec
/arch/msg/websec/fkehsNqgS5pAYnWUEQysUkiNJ7s/
1504405
1665308
Re: [websec] Strict-Transport-Security syntax reduxRe: [websec] Strict-Transport-Security syntax redux
Julian Reschke
2012-01-05
websec
/arch/msg/websec/nOpXzeiiGgNYcbcFym871VAsu9o/
1504404
1665356
Re: [websec] Strict-Transport-Security syntax reduxRe: [websec] Strict-Transport-Security syntax redux
Anne van Kesteren
2012-01-05
websec
/arch/msg/websec/5WZHHemumrupS_U8XJvv22djTZU/
1504403
1665356
Re: [websec] Strict-Transport-Security syntax reduxRe: [websec] Strict-Transport-Security syntax redux
Julian Reschke
2012-01-05
websec
/arch/msg/websec/uWfsS3x9yqPGSt5eOzkVyjlQEBI/
1504402
1665356
Re: [websec] Strict-Transport-Security syntax reduxRe: [websec] Strict-Transport-Security syntax redux
Anne van Kesteren
2012-01-05
websec
/arch/msg/websec/lTxHOuRz8ZYgfmgOaOWhd9XlI2Q/
1504401
1665356
Re: [websec] Strict-Transport-Security syntax reduxRe: [websec] Strict-Transport-Security syntax redux
Paul Hoffman
2012-01-05
websec
/arch/msg/websec/2fGsuzrk4UcgtfAsTR59PINegSw/
1504400
1665356
Re: [websec] Strict-Transport-Security syntax reduxRe: [websec] Strict-Transport-Security syntax redux
Julian Reschke
2012-01-05
websec
/arch/msg/websec/ltDjEZ6-iOSYhN68F4CWFlJNJqU/
1504399
1665356
Re: [websec] Strict-Transport-Security syntax reduxRe: [websec] Strict-Transport-Security syntax redux
Anne van Kesteren
2012-01-05
websec
/arch/msg/websec/GabgffiF_0mjBsJw9RoICvLf2Xg/
1504398
1665356
Re: [websec] Strict-Transport-Security syntax reduxRe: [websec] Strict-Transport-Security syntax redux
Tobias Gondrom
2012-01-05
websec
/arch/msg/websec/Pa0DeV95Q8PtLuvBM4SbtaM6kzQ/
1504397
1665356
Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux)Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux)
=JeffH
2012-01-04
websec
/arch/msg/websec/Dhoe-cgFxJN0u31S59RX2SXk6dY/
1504396
1665292
Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux)Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux)
Tobias Gondrom
2012-01-04
websec
/arch/msg/websec/eFnCW6haV28oYRleE5wl6yJwV88/
1504395
1665292
Re: [websec] default value for max-age ?Re: [websec] default value for max-age ?
Julian Reschke
2012-01-03
websec
/arch/msg/websec/RobEbRa6PkDNAVv4l6aeeTgxjZk/
1504394
1665292
Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux)Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux)
Adam Barth
2012-01-03
websec
/arch/msg/websec/rhWlfosx-dNkO_p2Oy4AOZg7Bhs/
1504393
1665292
Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux)Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux)
Julian Reschke
2012-01-03
websec
/arch/msg/websec/nu4mlGj-Zh2pQO591gzx-ogbjpg/
1504392
1665292
Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux)Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux)
Julian Reschke
2012-01-03
websec
/arch/msg/websec/klmyHBNfT6VVy8byG-TuljWEilU/
1504391
1665292
Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux)Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux)
Yoav Nir
2012-01-03
websec
/arch/msg/websec/8LPbfrbFlF38NZLN66jTtUvwMuo/
1504390
1665292
Re: [websec] #27: HSTS header ABNF is a hybrid of RFC2616 and httpbis and is overly complex and brokenRe: [websec] #27: HSTS header ABNF is a hybrid of RFC2616 and httpbis and is overly complex and broken
websec issue tracker
2012-01-03
websec
/arch/msg/websec/pqeS5pNvAwcFvp_BVB7zQvkiv3w/
1504389
1665324
[websec] #33: HSTS: quoted-string grammar in (extension) directives ?[websec] #33: HSTS: quoted-string grammar in (extension) directives ?
websec issue tracker
2012-01-03
websec
/arch/msg/websec/hYhhoS3sqEVMkaHQ1i7YT5VPOSY/
1504388
1665291
Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux)Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux)
Adam Barth
2012-01-03
websec
/arch/msg/websec/SK5KcqYR2T7FZ-LREt3upSp3xyY/
1504387
1665292
Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux)Re: [websec] default value for max-age ? (was: Re: Strict-Transport-Security syntax redux)
Chris Palmer
2012-01-03
websec
/arch/msg/websec/88FJwOGjfEnc3E9aSc6JozROvoA/
1504386
1665292
40 Messages