I actually regret HPKP as a header, in some ways. https://tools.ietf.org/html/draft-sheffer-tls-pinning-ticket-01#section-6.1 … is just a disappointing strawman though...
Replying to @sleevi_
The answer is that key management is hard. HPKP suffers from client errors, but balanced constituencies. Yet stronger pins = worse for user
Replying to @sleevi_
I think it would be a mistake to ever support a pinning solution with 'server-side detection'. Well-intentioned, but like Error 53, antiuser
Replying to @sleevi_
Anyone who tells you to pin less than the root is either arguing a strawman or trying to get you to brick yourself. IETF compromises suck.
@sleevi_ It's insidious because breakage will occur without site operator even touching their server config. Solution: also pin EE keys.
10:05 AM - 7 Feb 2016