Policy to Force clients to use HTTP Strict Transport Security (HSTS)