mrisher
commented
8 years ago Wouldn't this return sts-invalid in the TLSRPT report? Or is there another place you'd like to report this?
Closed lbaudoin closed 8 years ago
mrisher
commented
8 years ago Wouldn't this return sts-invalid in the TLSRPT report? Or is there another place you'd like to report this?
lbaudoin
commented
8 years ago Without also reading the TLSRPT RFC it wasn't clear that the STS 'enforce' mode would also report so it might help to mention it in the STS document. It is not a big deal I just thought I'd mention it.
danmarg
commented
8 years ago d6019c5
When a policy fails and the mode is 'enforce' it seems that we should report the failure as well as fail. An alternative is to have an 'enforce and report' mode.