[webkit-dev] HSTS user tracking
mcatanzaro at igalia.com
Thu Mar 1 10:44:32 PST 2018
On Fri, Jan 5, 2018 at 3:11 PM, Brent Fulgham <bfulgham at apple.com>
> I’m sorry we haven’t been forthcoming with details. We have
> wanted to put together a blog post explaining our fix, but have been
> preoccupied with a number of other security issues.
> I will make this my top priority, or at least give a rough overview
> to the webkit-security folks if we can’t put together a blog-worthy
> document fast enough.
It'd still be great to get some details about your strategy for
mitigating user tracking via HSTS.
It should be suitable for webkit-dev, rather than the private security
More information about the webkit-dev