I remember sitting around with a few friends at Chrome Dev Summit last year. The conversation eventually turned to security. We all agreed about how massively important it was, but we also each acknowledged that it’s not trivial to do correctly. It’s not the most accessible topic and the tooling and standards can be a bit unwieldy.| timkadlec.com
I recently gave the Let’s Encrypt client a try and wrote up how that went. One of the follow-up questions that popped up was about HTTP Strict Transport Security (HSTS) and whether Let’s Encrypt’s helps with it. Since the question came up several times, I thought it would be worth writing up.| timkadlec.com