Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
dagenix
on Sept 18, 2018
|
parent
|
context
|
favorite
| on:
Extended Validation Certificates Are Dead
Except that HPKP is being deprecated by Chrome (
https://groups.google.com/a/chromium.org/forum/#!msg/blink-d...
). And I'd suspect other browsers will follow.
BillinghamJ
on Sept 18, 2018
|
next
[–]
I don’t mean website pinning. I mean eg apps etc
sandij
on Sept 18, 2018
|
prev
[–]
When pinning CAs instead of certificates, you’d use CAA instead of HPKP.
toast0
on Sept 18, 2018
|
parent
|
next
[–]
CAA isn't restricting acceptance of certs, it's restricting issuance, assuming the attempted issuer is compliant, competent, and that your domain didn't get hijacked.
BillinghamJ
on Sept 18, 2018
|
parent
|
prev
[–]
That wouldn’t work, as there’s no differentiator between EV and non-EV
Join us for
AI Startup School
this June 16-17 in San Francisco!
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
