# HSTS Protocol

Internet Engineering Organization IETE is promoting a new Web Security protocol, HTTP Strict Transport Security (HSTS). Websites using the HSTS protocol will ensure that the browser is always connected to the HTTPS encrypted version of the website, without requiring the user to manually enter the encrypted address in the URL address bar. The protocol will help websites adopt global encryption so that users see a secure version of the site.

The purpose of HSTS is to force a client (such as a browser) to create a connection to the server using HTTPS. The server enables HSTS by including the Strict-Transport-Security field in the hypertext Transfer protocol (TLS) response header returned by the server when the client makes a request over HTTPS. The HSTS field set during unencrypted transmission is invalid.