Not every OS uses the desktop security model and getting the user to install a cert shouldn't break HPKP.
-
-
+1 - good defense in depth. Outbound encryption/obfusc must also be controlled ... somehow.
-
It's controlled by not having an outbound. If there's an outbound you already lost.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.