[NIFI-5587] Implement HPKP header - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Won't Fix
Affects Version/s: 1.7.1
Fix Version/s: None
Component/s: Core Framework
Labels:
- certificate
- hpkp
- https
- pki
- security
- tls

Description

HTTPS Public Key Pinning allows for explicit public keys to be transmitted to a client instructing the client to only trust those keys for the service. This should only be implemented in conjunction with a strong certificate management strategy, as pinning a public key that is later compromised or expired without having a backup can lead to clients being blocked from using the legitimate service.

More details on HPKP are available in RFC 7469.

Attachments

Issue Links

relates to

NIFI-2437 Enforce HSTS to require HTTPS connections if available

Resolved

Activity

People

Assignee:: Unassigned

Reporter:: Andy LoPresto

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 11/Sep/18 16:56

Updated:: 03/Nov/21 03:06

Resolved:: 03/Nov/21 03:06