HTTP Strict Transport Security
GPTKB entity
Statements (53)
| Predicate | Object |
|---|---|
| gptkbp:instance_of |
gptkb:software
|
| gptkbp:bfsLayer |
4
|
| gptkbp:bfsParent |
gptkb:Mozilla_Observatory
|
| gptkbp:applies_to |
HTTPS websites
|
| gptkbp:can_be |
a specific duration
|
| gptkbp:communication |
6797
|
| gptkbp:developed_by |
gptkb:Internet_Engineering_Task_Force
|
| gptkbp:enables |
web developers
|
| gptkbp:enforces |
secure connections
|
| gptkbp:first_introduced |
gptkb:RFC_6797
|
| gptkbp:headliner |
gptkb:Strict-Transport-Security
|
| https://www.w3.org/2000/01/rdf-schema#label |
HTTP Strict Transport Security
|
| gptkbp:includes |
max-age directive
preload directive include Sub Domains directive |
| gptkbp:is_adopted_by |
gptkb:Educational_Institution
non-profit organizations social media platforms small businesses e-commerce websites tech companies large organizations government websites major websites banking websites healthcare websites |
| gptkbp:is_considered |
a best practice
|
| gptkbp:is_countered_by |
HTTP downgrade attacks
|
| gptkbp:is_effective_against |
DNS spoofing
SSL stripping without prior HSTS |
| gptkbp:is_implemented_in |
web servers
application code web server configuration |
| gptkbp:is_part_of |
secure web practices
secure web architecture HTTP protocol enhancements HTTPS implementation web security best practices |
| gptkbp:is_protected_by |
downgrade attacks
|
| gptkbp:is_related_to |
gptkb:public_transportation_system
web application security |
| gptkbp:is_supported_by |
modern web browsers
mobile browsers desktop browsers |
| gptkbp:is_used_to |
enhance data security
improve user trust secure sensitive transactions enforce HTTPS prevent data interception |
| gptkbp:purpose |
to protect websites against man-in-the-middle attacks
|
| gptkbp:requires |
gptkb:HTTPS
|
| gptkbp:setting |
HTTP response header
|
| gptkbp:suitable_for |
security experts
|