It would be useful to have something akin to pinning-test.badssl.com or the old pinningtest.appspot.com that allows us to test production data relating to the dynamic preload mechanisms for STS and PKP. For each of these, we'd need a real (mozilla) FQDN pointing to an actual host. In the STS case, this should have some configuration disallowed by HSTS (e.g. no TLS or a bad certificate). In the PKP case, there should be a good certificate chain. The STS preload entry should just enable STS for the STS host (including sub-domains is not necessary). The PKP preload entry should have an incorrect pinset for the chain served by the PKP test host.
You need to log in before you can comment on or make changes to this bug.