Details

      Description

      HTTPS Public Key Pinning allows for explicit public keys to be transmitted to a client instructing the client to only trust those keys for the service. This should only be implemented in conjunction with a strong certificate management strategy, as pinning a public key that is later compromised or expired without having a backup can lead to clients being blocked from using the legitimate service.

      More details on HPKP are available in RFC 7469.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              alopresto Andy LoPresto
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: