Hacker News

HPKP was underdesigned; it was a protocol evolution of something Google was already doing semi-manually. There was a competing initiative inside Google --- certificate transparency --- and that won out.

There's validity in the approach and I hope it comes back sometime, maybe with additional mechanism around managing pins.





