don't forget things we said during the meeting. put it into TODO.md
authorAaron Kaplan <aaron@lo-res.org>
Mon, 20 Jan 2014 19:25:29 +0000 (20:25 +0100)
committerAaron Kaplan <aaron@lo-res.org>
Mon, 20 Jan 2014 19:25:29 +0000 (20:25 +0100)
TODO.md

diff --git a/TODO.md b/TODO.md
index 4f84733..3fe27cb 100644 (file)
--- a/TODO.md
+++ b/TODO.md
@@ -73,6 +73,12 @@ Workflow
 
 Contents
 ========
+
+* Webservers:
+  Header Strict-Transport-Security "... includeSubDomains": we need to meed to mention that this can be a big pitfall.
+  Also do some more research on this!
+  For example: http://tools.ietf.org/html/draft-ietf-websec-strict-transport-sec#section-6.1
+
 * scan our local region of the internet for https/smtp/imaps/pop3s
 
 * Common Pitfalls: