Y
Hacker News
new
|
ask
|
show
|
jobs
by
yuhong
4437 days ago
I am thinking that a HSTS option enabling hard-fail OCSP plus OCSP stapling is probably a good idea, though probably less secure than putting it in the certificate.