https://issues.apache.org/bugzilla/show_bug.cgi?id=54618
--- Comment #4 from Mark Thomas <ma...@apache.org> --- HSTS has a fairly major hole: the bootstrap MITM problem. There are suggested solutions but the current pre-loaded lists contain a very small number of sites. Further, the practicalities of trying to build a reasonable pre-loaded list mean that a pre-loaded list is very unlikely to resolve the bootstrap MITM problem. Personally, I not convinced of the usefulness of this feature at this point in time. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
