Luke, ----- Original Message ----- From: "lkcl luke" <luke.leigh...@gmail.com> To: "Jonas Sicking" <jo...@sicking.cc> Cc: dev-weba...@lists.mozilla.org, "ptheriault" <ptheria...@mozilla.com>, "Jim Straus" <jstr...@mozilla.com>, dev-security@lists.mozilla.org, cjo...@mozilla.com, "Mozilla B2G mailing list" <dev-...@lists.mozilla.org> Sent: Friday, March 16, 2012 1:10:00 PM Subject: Re: [b2g] OpenWebApps/B2G Security model
> actually, SSL *does* solve it, i forget the name of the technical > solution but it's used by the BBC on the HTTPS traffic for the bbc > ipplayuh. they allow *ONLY* certain PKI Certificates to be used. fwiw, it's usually called 'certificate pinning' or 'key pinning' or 'CA pinning' or something like that including 'pinning' thanks ian _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security