Several federal agencies have requested additional clarity around the requirements for redirect domains. This change is an attempt to make explicit that redirect domains that are currently only serving port 80 must also serve 443 and generally comply with M-15-13.
The change also explains that redirect domains need not (but might want to, especially w/r/t preloading) redirect internally to the https:// version first.
Several federal agencies have requested additional clarity around the requirements for redirect domains. This change is an attempt to make explicit that redirect domains that are currently only serving port 80 must also serve 443 and generally comply with M-15-13.
The change also explains that redirect domains need not (but might want to, especially w/r/t preloading) redirect internally to the https:// version first.