Re: [websec] #53: Clarify status of pin validation when used with private trust anchors

#53: Clarify status of pin validation when used with private trust anchors Comment (by pal...@google.com): The current draft has this text: 578 If the connection has no errors, then the UA will determine whether to 579 apply a new, additional correctness check: Pin Validation. A UA SHOUL

Re: [websec] #56: Specify includeSubdomains directive for HPKP

#56: Specify includeSubdomains directive for HPKP Changes (by pal...@google.com): * status: assigned => closed * resolution: => fixed Comment: There seems to be consensus that this is done. -- ---+ Reporter: pal...@google.co

Re: [websec] #55: Clarify that the newest pinning information takes precedence

#55: Clarify that the newest pinning information takes precedence Changes (by pal...@google.com): * status: assigned => closed * resolution: => fixed Comment: Per discussion on the list, adopted Sleevi's text but changed "evict" to "ignore". https://code.google.com/p/key-pinning- dr