Am 04.02.2013 13:22, schrieb Donald Stufft: > On Monday, February 4, 2013 at 7:20 AM, Donald Stufft wrote: >> There can be more work in the future in making a reasonable >> end to end validation story possible however there are a few >> clear and easy wins especially with related to getting a real >> trusted SSL certificate paid for and installed and enforcing >> SSL. > I should probably note that both SSL and DNSSEC are steps > taken by Crate.io to prevent MITM. Crate went so far as to > contact Chrome and get crate.io added to the HSTS preload > list in Chrome so that in Chrome it's impossible to ever > access Crate w/o a valid SSL certificate.
+1 for HSTS I wrote an email regarding HSTS to the infrastructure list about 15 minutes ago. It's good to see that you have the same opinion. :) _______________________________________________ Catalog-SIG mailing list [email protected] http://mail.python.org/mailman/listinfo/catalog-sig
