Enroll all Bisq infrastructure in HSTS preload lists

[wiz]

All the Bisq infrastructure should enroll in HSTS preload list if not already done so:

• bisq.network: https://hstspreload.org/?domain=bisq.network - since 1 year ago via Enable HSTS preload for bisq.network domain name bisq-website#210
• bisq.wiki: https://hstspreload.org/?domain=bisq.wiki
• bisq.community: https://hstspreload.org/?domain=bisq.community
• mempool.space: https://hstspreload.org/?domain=mempool.space
• mempool.emzy.de: https://hstspreload.org/?domain=emzy.de
• bisq.services: https://hstspreload.org/?domain=bisq.services
• bisq.cc: https://hstspreload.org/?domain=bisq.cc
• vante.me: https://hstspreload.org/?domain=vante.me
• sqrrm.net: https://hstspreload.org/?domain=sqrrm.net

[sqrrm]

Could you explain what this does? It seems to complain about sqrrm.net, not surprising as it's not point anywhere.

[devinbileck]

bisq.services is pending submission.
I have a dummy site on netlify that I added the header to.

[Emzy]

emzy.de is now pending inclusion in the HSTS preload list.

[wiz]

@sqrrm HSTS just disables non-https HTTP protocol in web browsers for the domain name, which is best practice these days to prevent MITM attacks by malicious Tor exit nodes

[wiz]

FYI it seems that adding bisq.network to the HSTS list a year ago in bisq-network/bisq-website#210 most likely protected Bisq from this recent MITM attack from Tor exit nodes: https://blog.torproject.org/bad-exit-relays-may-june-2020

[mrosseel]

Status: vante.me is pending submission to the preload list.