IE12 to Support HSTS Encryption Protocol
Read more - http://threatpost.com/ie-12-to-support-hsts-encryption-protocol/105266
Microsoft confirmed today it will support HTTPS Strict Transport Protocol (HSTS) in Internet Explorer 12, bringing its browser in line with other major vendors in its support of the protocol.
Browsers supporting HSTS force any sessions sent over HTTP to be sent instead over HTTPS, encrypting communication to and from a website.
According to OWASP, HSTS protects users from a number of threats, in particular man-in-the-middle attacks by not only forcing encrypted sessions, but also stopping attackers who use invalid digital certificates. The protocol denies users the ability to override invalid certificate messages. HSTS also protects users from HTTPS websites that also may include HTTP links or serve content unencrypted.
IE 12 is expected to be released this year; IE 11 was introduced in October 2013 and is the default browser in Windows 8.1.
IE 12’s support of HSTS puts it on an even keel with other browsers, some such as Chrome and Firefox have supported the protocol since 2011. Apple added HSTS support on Safari upon the release of Mavericks 10.9.
Browsers supporting HSTS force any sessions sent over HTTP to be sent instead over HTTPS, encrypting communication to and from a website.
According to OWASP, HSTS protects users from a number of threats, in particular man-in-the-middle attacks by not only forcing encrypted sessions, but also stopping attackers who use invalid digital certificates. The protocol denies users the ability to override invalid certificate messages. HSTS also protects users from HTTPS websites that also may include HTTP links or serve content unencrypted.
IE 12 is expected to be released this year; IE 11 was introduced in October 2013 and is the default browser in Windows 8.1.
IE 12’s support of HSTS puts it on an even keel with other browsers, some such as Chrome and Firefox have supported the protocol since 2011. Apple added HSTS support on Safari upon the release of Mavericks 10.9.
Read more - http://threatpost.com/ie-12-to-support-hsts-encryption-protocol/105266
