

Upgrading HTTPS in Mid-Air [pdf] - thomasrossi
http://jbonneau.com/doc/KB14-hsts_pinning_survey_working_draft.pdf

======
thomasrossi
It was my discussion topic for a security extra course. I am curious to hear
some more discussion:) In particular about the key-pinning, I think Bizantine
Consensus should be the only way to handle the public keys delivery. Trusting
"at least" one of pinned CAs looks only mildly better than what is out there
now.

