Tag Archives: STS

How to Deploy HTTPS Correctly

December 5, 2010 by Bruce Morton     No Comments

I came across ‘How to Deploy HTTPS Correctly’ written by Chris Palmer of the Electronic Frontier Foundation. Chris does a great job  explaining why web site operators should use HTTPS versus just HTTP. He points out a couple of good practices that were not previously addressed in my blog post, ‘SSL Deployment Mistakes’: Scope sensitive [Read More...]

Filed Under: SSL Deployment Tagged With: HTTPS, STS

HTTP Strict Transport Security (HSTS)

November 26, 2010 by Bruce Morton     No Comments

I recently blogged about Firesheep, the Firefox extension that can be used to compromise a secure connection to a website that you have connected to from an open Wi-Fi hotspot. The truth is the vulnerability that Firesheep exposes is not new, but little was done about it. Not so anymore, help is on the way. [Read More...]

Filed Under: Secure Browsing, SSL Deployment Tagged With: Firefox, Firesheep, HSTS