On Mon, Mar 17, 2014 at 6:36 PM, Milan Kral wrote:
> Could you please also set HSTS (HTTP Strict Transport Security) for
> www.debian.org ?
Already done when HTTPS was enabled:
$ HEAD https://www.debian.org | grep S.*T.*S
Strict-Transport-Security: max-age=5184000
> Please consider also getting
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi,
I see that HTTPS was enabled for www.debian.org
https://lists.debian.org/debian-www/2014/02/msg00041.html
Could you please also set HSTS (HTTP Strict Transport Security) for
www.debian.org ?
HSTS will help to protect users from SSL-stripping
It would useful to have HTTPS because of the wide spread mass surveillance
https://en.wikipedia.org/wiki/2013_mass_surveillance_disclosures#.22Mastering_the_Internet.22
https://en.wikipedia.org/wiki/Bullrun_%28code_name%29
> ** Tue, 01 Oct 2013 14:26:53 +0200 - 725...@bugs.debian.org, "Gerfried Fu
* milan.kral [2013-10-01 13:34:05 CEST]:
> www.debian.org is important main Debian web page, but it doesn't
> support https. Could it be possible to enable HTTPS? For example
> lists.debian.org, wiki.debian.org support HTTPS.
Because on lists.debian.org you have subscribe information, handing
ov
Package: www.debian.org
Severity: wishlist
Hi,
www.debian.org is important main Debian web page, but it doesn't
support https. Could it be possible to enable HTTPS? For example
lists.debian.org, wiki.debian.org support HTTPS.
bugs.debian.org should also support HTTPS
Kind regards,
Milan Kral
-
5 matches
Mail list logo
