Y
Hacker News
new
|
ask
|
show
|
jobs
by
gellerb
4435 days ago
ds9, yes, "site certs the browser doesn't trust a CA for" is more accurate. You can find the exact details of HSTS and self-signed certs in the draft in section 11.3[1]. I've updated the post to hopefully be more clear.
[1]
http://tools.ietf.org/html/draft-ietf-websec-strict-transpor...