[ARIN-consult] Consultation on ACSP 2018.3
David Farmer
farmer at umn.edu
Wed Mar 28 17:33:22 EDT 2018
On Wed, Mar 28, 2018 at 4:16 PM, ARIN <info at arin.net> wrote:
> ...
> Question: Should ARIN automatically redirect user Whois queries made
> via "http" to "https"?
>
No, ARIN should not automatically redirect Whois queries made via "http" to
"https". Insecure Whois queries made via "http", need to be allowed. Maybe
a warning could be provided, with a link to direct the whois query to
"https".
Question: If ARIN redirects http to https requests, should ARIN then
> use HSTS for web-based Whois queries?
>
HSTS should be provided for Whois queries made via "https", even though I
don't think Whois queries made via "http" should be automatically
redirected to "https".
Thanks.
--
===============================================
David Farmer Email:farmer at umn.edu
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota
2218 University Ave SE Phone: 612-626-0815
Minneapolis, MN 55414-3029 Cell: 612-812-9952
===============================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.arin.net/pipermail/arin-consult/attachments/20180328/fcbd08c9/attachment.html>
More information about the ARIN-consult
mailing list