[websec] #47: HSTS: explicitly note that HSTS applies when following redirects
"websec issue tracker" <trac+websec@trac.tools.ietf.org> Mon, 02 July 2012 20:42 UTC
Return-Path: <trac+websec@trac.tools.ietf.org>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4B7AB11E80FA for <websec@ietfa.amsl.com>; Mon, 2 Jul 2012 13:42:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.999
X-Spam-Level:
X-Spam-Status: No, score=-101.999 tagged_above=-999 required=5 tests=[AWL=0.600, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D1Z+lwDBa9JA for <websec@ietfa.amsl.com>; Mon, 2 Jul 2012 13:42:56 -0700 (PDT)
Received: from grenache.tools.ietf.org (grenache.tools.ietf.org [77.72.230.30]) by ietfa.amsl.com (Postfix) with ESMTP id 9A48711E809C for <websec@ietf.org>; Mon, 2 Jul 2012 13:42:56 -0700 (PDT)
Received: from localhost ([127.0.0.1]:58654 helo=grenache.tools.ietf.org ident=www-data) by grenache.tools.ietf.org with esmtp (Exim 4.77) (envelope-from <trac+websec@trac.tools.ietf.org>) id 1SlnS1-0000JI-AL; Mon, 02 Jul 2012 22:42:29 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: websec issue tracker <trac+websec@trac.tools.ietf.org>
X-Trac-Version: 0.12.2
Precedence: bulk
Auto-Submitted: auto-generated
X-Mailer: Trac 0.12.2, by Edgewall Software
To: draft-ietf-websec-strict-transport-sec@tools.ietf.org, jeff.hodges@kingsmountain.com
X-Trac-Project: websec
Date: Mon, 02 Jul 2012 20:42:29 -0000
X-URL: http://tools.ietf.org/websec/
X-Trac-Ticket-URL: http://wiki.tools.ietf.org/wg/websec/trac/ticket/47
Message-ID: <070.b22239f1d2f37ffa75cfd01d0a07c6b7@trac.tools.ietf.org>
X-Trac-Ticket-ID: 47
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Rcpt-To: draft-ietf-websec-strict-transport-sec@tools.ietf.org, jeff.hodges@kingsmountain.com, websec@ietf.org
X-SA-Exim-Mail-From: trac+websec@trac.tools.ietf.org
X-SA-Exim-Scanned: No (on grenache.tools.ietf.org); SAEximRunCond expanded to false
Resent-To:
Resent-Message-Id: <20120702204256.9A48711E809C@ietfa.amsl.com>
Resent-Date: Mon, 02 Jul 2012 13:42:56 -0700
Resent-From: trac+websec@trac.tools.ietf.org
Cc: websec@ietf.org
Subject: [websec] #47: HSTS: explicitly note that HSTS applies when following redirects
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Jul 2012 20:42:57 -0000
#47: HSTS: explicitly note that HSTS applies when following redirects
explicitly note that HSTS applies when following redirects -- section 8.3
URI Loading and Port Mapping doesn't call this out explicitly.
It should perhaps say something like..
Whenever the UA prepares to "load", also known as
"dereference", any "http" URI [RFC3986]
(including when following HTTP redirects [RFC2616]),
--
-------------------------------------+-------------------------------------
Reporter: jeff.hodges@… | Owner: draft-ietf-websec-
Type: enhancement | strict-transport-sec@…
Priority: minor | Status: new
Component: strict-transport-sec | Milestone:
Severity: Waiting for Shepherd | Version:
Writeup | Keywords:
-------------------------------------+-------------------------------------
Ticket URL: <http://wiki.tools.ietf.org/wg/websec/trac/ticket/47>
websec <http://tools.ietf.org/websec/>
- [websec] #47: HSTS: explicitly note that HSTS app… websec issue tracker
- Re: [websec] #47: HSTS: explicitly note that HSTS… websec issue tracker