Skip to content

Commit

Permalink
add HSTS preload requirement for wallets
Browse files Browse the repository at this point in the history
  • Loading branch information
@jameshilliard
jameshilliard committed Apr 9, 2016
1 parent 40ee4be commit ffaf884
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -719,7 +719,7 @@ Basic requirements:
- No concerning bug is found when testing the wallet
- Website supports HTTPS and 301 redirects HTTP requests
- SSL certificate passes [Qualys SSL Labs SSL test](https://www.ssllabs.com/ssltest/)
- Website serving executable code or requiring authentication uses HSTS with a max-age of at least 180 days
- Website serving executable code or requiring authentication uses HSTS with a max-age of at least 180 days and is included in the [HSTS preload list](https://hstspreload.appspot.com/)
- The identity of CEOs and/or developers is public
- Avoid address reuse by using a new change address for each transaction
- If private keys or encryption keys are stored online:
Expand Down

0 comments on commit ffaf884

Please sign in to comment.