Fixing HPKP with Certificate Constraints

Source: Qualys Labs

This is the third post in my series on HPKP. In my first post I declared HPKP dead, and in my second post I explored the possibility of fixing it by introducing pin revocation. Today I will consider an entirely different approach to make HPKP much safer, by changing how it’s activated. In my previous blog post I argued that the biggest flaw of HPKP is that it doesn’t tolerate failures. That’s why…
