I actually regret HPKP as a header, in some ways. https://tools.ietf.org/html/draft-sheffer-tls-pinning-ticket-01#section-6.1 … is just a disappointing strawman though...
Replying to @sleevi_
The answer is that key management is hard. HPKP suffers from client errors, but balanced constituencies. Yet stronger pins = worse for user
Replying to @sleevi_
I think it would be a mistake to ever support a pinning solution with 'server-side detection'. Well-intentioned, but like Error 53, antiuser
Replying to @sleevi_
Anyone who tells you to pin less than the root is either arguing a strawman or trying to get you to brick yourself. IETF compromises suck.