Abstract

HTTP-based APIs, including websites hosting web content, want to force HTTPS for security; however, the current mechanism is not absolute in its intentions and requires third-party configuration to help enforce the policy. On top of that, the configuration is very coarse grained and does not meet many use cases where fine grained control is required, such as having different policies for sub-domains of a second-level domain. By allowing web domains to host their own configuration, we can give fine grained control to the owners of domains and help to secure the web from malicious actors.

Creative Commons License

This work is licensed under a Creative Commons Attribution-Share Alike 4.0 License.

Recommended Citation

INC, HP, "DOMAIN BASED HSTS (HTTP STRICT TRANSPORT SECURITY) MANAGEMENT", Technical Disclosure Commons, (November 21, 2022)
https://www.tdcommons.org/dpubs_series/5514

Download

COinS

Technical Disclosure Commons

Defensive Publications Series

DOMAIN BASED HSTS (HTTP STRICT TRANSPORT SECURITY) MANAGEMENT

Abstract

Creative Commons License

Recommended Citation

Browse

Search

Submit

Additional Information

Technical Disclosure Commons

Defensive Publications Series

DOMAIN BASED HSTS (HTTP STRICT TRANSPORT SECURITY) MANAGEMENT

Inventor(s)

Abstract

Creative Commons License

Recommended Citation

Share

Browse

Search

Submit

Additional Information