Corey Csuhta

HSTS max-age=0 reported as "Unknown"

Discussion created by Corey Csuhta on May 14, 2014
Latest reply on May 16, 2014 by Ivan Ristić

If a server is sending `Strict-Transport-Security: max-age=0`, SSL Server Test reports "Unknown" next to the HSTS line in Protocol Details.

 

I feel like this messaging could be improved. Maybe something like this?

 

max-age=0 DE-LISTING REQUESTED (more info)

 

And then link to here for more info? https://tools.ietf.org/html/rfc6797#section-6.1.1

Outcomes