I began interviewing people for jobs about three years in to my career. Over the past decade, I've run hundreds of phone interviews, Skype interviews and in-person interviews. Over time, my approach, and what I look for has changed. I've always relied a lot on gut feel, looking for people similar to those who already work for the company (safe bets) or looking for red flags if a candidate does not stand out, but recently my quesions have changed to focus more on how someone approaches their work, rather than what they know right now.
I've been playing with HTTP Strict Transport Security (HSTS, I'm late to the party as usual) and there's some misconceptions that I had going in that I didn't know about that threw me a bit. So, here's a no nonsense guide to HSTS.
Over the last few months I've been putting together my talk for the year, based on a blog post that is titled "HTTPS is Hard". You can read the full article on the Yell blog on which it is published. There's also an abridged version on Medium. It's been a very long time coming, and has changed over the time I've been writing it, so I thought I'd get down a few reflections on the article.