[whatwg] Proposal for secure alternative connection

Ian Hickson ian at hixie.ch
Tue Jan 31 15:39:14 PST 2012


On Wed, 14 Dec 2011, Ilhan Y. wrote:
>
> I want to propose "secure alternative connection for the current 
> connection". It has to me specified either by headers or by meta tag. 
> Examples:
> 
> Header example: Secure: https://pay.reddit.com/
> 
> Meta tag example: <meta name="secure" content="https://pay.reddit.com/">
> 
> When a user sets his web browser to connect over secure connection if 
> available then the browser will redirect itself to that secure 
> connection. Also, this is backward capable.

On Wed, 14 Dec 2011, Anne van Kesteren wrote:
> 
> How is this different from a redirect?
> 
> It sounds like you might be interested in 
> http://tools.ietf.org/html/draft-ietf-websec-strict-transport-sec 
> though.

I haven't added anything to the spec at this time. I recommend approaching 
the group working on the spec Anne mentions above.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'


More information about the whatwg mailing list