US .Gov Domains to Preload HSTS for Maximum Security
The DotGov program announced on Sunday that all government domains will automatically preload from TLDs to HSTS beginning September 1, 2020. The HSTS standard is more secure, as it always enforces an HTTP connection to a website. HSTS also serves to prevent users from clicking a domain with a certification error.
However, most users are not protected by HSTS until they’ve encountered the HSTS header on a site at least once, meaning that users will only be protected after their first secure connection to a given domain. A domain can also be submitted to the HSTS preload list, which consists of a list of domains embedded into browsers.