Get tails.boum.org on the Chrome HSTS preload list
The preload list form Chrome is based on HSTS, and available in full here:
They pin their CA but not their public key directly.
They have a dedicated site to request for inclusion:
https://hstspreload.appspot.com/
I’m not sure we could apply according to “Serve all subdomains over
HTTPS”. Sure “tails.boum.org” serves everything as HTTPS and
“dl.amnesia.boum.org” is not a subdomain of “tails.boum.org”. But the
cert is issued to “boum.org”, which doesn’t comply with this rule.
mayfirst.org is in there so we might as well ask dkg for more details.
Parent Task: #8191 (closed)
Related issues
- Related to #9796 (closed)
-
Blocked by #8192 (closed)
Original created by @sajolida on 9102 (Redmine)