Apache Traffic Server can be used as Reverse Proxy as well as for TLS (SSL) Termination for a huge number of sites.
As such is the ideal point to implement HTTP Strict Transport security.
I propose enable administrators to globally (records.config) configure HSTS for all sites that offer both, HTTP and HTTPS. (This switch, if backported, should default to off for stable releases.)
We should further also make it possible to disable this setting per-site (ssl_multicert.config).