move unimportant OCSP stapling feature

2021-03-29 15:23:28 -04:00 · 2021-03-29 15:23:28 -04:00 · a1f672e7b9
commit a1f672e7b9
parent 0326db8f19
1 changed files with 1 additions and 1 deletions
--- a/static/features.html
+++ b/static/features.html
@ -212,7 +212,6 @@
                    <li>Authenticated encryption for all of our services</li>
                    <li>Strong cipher configurations for all of our services (SSH, TLS, etc.) with
                    only modern AEAD ciphers providing forward secrecy</li>
-                    <li>Our web services use robust OCSP stapling with Must-Staple</li>
                    <li>Our web sites do not include any third party content and entirely forbid
                    it via strict Content Security Policy rules</li>
                    <li>Our web sites disable referrer headers to maximize privacy</li>
@ -229,6 +228,7 @@
                    when sending mail including alert messages from the attestation service</li>
                    <li>SSHFP across all domains for pinning SSH keys</li>
                    <li>Static key pinning for our services in apps like Auditor</li>
+                    <li>Our web services use robust OCSP stapling with Must-Staple</li>
                    <li>No persistent cookies or similar client-side state for anything other than
                    login sessions, which are set up via SameSite=strict cookies and have
                    server-side session tracking with the ability to log out of other