
Well. That is the reason for Certificate Pinning. And these days there is no excuse to not enable it server-side. Helped me detect some MITM interceptions. Not that the content was malicious (OpenDNS just rerouted my requests to a "This site is blocked" page, but the certificate was signed by Cisco, and thus valid. Certificate Pinning still picked it up. Little hint: It was an Arch Linux site.).


Here [1] it says that Chrome stopped supporting HTTP Public Key Pinning (HPKP) with Chrome 72. There are other debates on it. See the discussions for excuses.

Or is cert pinning something different than HPKP?

- [1]: https://security.stackexchange.com/questions/213410/did-goog...



