On Sun 2018-01-14 18:23:59 +0000, Heiko Richter wrote:
> hardcoding a root certificate into a program has
> *never* been any kind of accepted security system.

Pinning certificates (either end-entity or further up the chain) is
considered a good practice in a design where there is an expected
service that will be connected to, and that service has a known
certificate management lifecycle.

You see this regularly in mobile app development. For example:

https://stackoverflow.com/questions/15728636/how-to-pin-the-public-key-of-a-certificate-on-ios

GnuPG is not a mobile app, but it does ship with some built-in knowledge
about the keyserver pool, and it uses that knowledge *specifically* for
the sake of secure connections to the pool.

This is commonly-accepted best practice because it reduces the exposure
to all the rest of the CA cartel mishegas.

Many thanks to Kristian for managing the pool for so long!

   --dkg

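The check the reply describes, worked through as an added example (this is not dkg's code and not GnuPG's implementation, which the message does not describe): a client does ordinary chain validation against its trust store and hostname, then additionally insists that some certificate in the validated chain carries a pinned public key. The pin may sit on the end-entity certificate or on a CA further up the chain, as the reply says. The two-level PKI, the host name pool.example.invalid and the pin format (base64 of the SHA-256 over the DER SubjectPublicKeyInfo, the HPKP-style form most pinning libraries use) are assumptions of the example, constructed in-process so it runs offline.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// must unwraps (value, error) pairs while building the constructed test PKI.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// spkiPin returns base64(SHA-256(DER SubjectPublicKeyInfo)). Pinning the key
// rather than the whole certificate survives a routine reissue with the same key.
func spkiPin(c *x509.Certificate) string {
	sum := sha256.Sum256(c.RawSubjectPublicKeyInfo)
	return base64.StdEncoding.EncodeToString(sum[:])
}

// VerifyPinned does normal chain and hostname validation first, then requires
// that at least one certificate in a valid chain (leaf, intermediate or root)
// matches a pinned key. A chain from any other CA, trusted or not, is rejected.
func VerifyPinned(leaf *x509.Certificate, roots *x509.CertPool, host string, pins map[string]bool) error {
	chains, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	if err != nil {
		return err // untrusted or misnamed: fail before consulting pins at all
	}
	for _, chain := range chains {
		for _, c := range chain {
			if pins[spkiPin(c)] {
				return nil
			}
		}
	}
	return errors.New("chain validates but contains no pinned key")
}

// newTestPKI builds a constructed hierarchy: one CA that signs one server leaf.
// Returns the trust store holding the CA, the CA certificate and the leaf.
func newTestPKI(host string) (*x509.CertPool, *x509.Certificate, *x509.Certificate) {
	now := time.Now()
	caKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	caTmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "Constructed Pool CA"},
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
	ca := must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &caKey.PublicKey, caKey))))
	leafKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	leafTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2),
		Subject:      pkix.Name{CommonName: host},
		DNSNames:     []string{host},
		NotBefore:    now.Add(-time.Hour),
		NotAfter:     now.Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	leaf := must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, leafTmpl, ca, &leafKey.PublicKey, caKey))))
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	return roots, ca, leaf
}

// Demo reports whether the pinned check accepts the server chain when the pin
// is on the CA, when it is on the leaf, and when it is on some unrelated key
// (the last must fail even though plain chain validation succeeds).
func Demo() (pinOnCA, pinOnLeaf, pinOnOtherKey bool) {
	const host = "pool.example.invalid" // hypothetical service name
	roots, ca, leaf := newTestPKI(host)
	_, otherCA, _ := newTestPKI(host) // a second, unrelated CA key
	pin := func(c *x509.Certificate) map[string]bool { return map[string]bool{spkiPin(c): true} }
	pinOnCA = VerifyPinned(leaf, roots, host, pin(ca)) == nil
	pinOnLeaf = VerifyPinned(leaf, roots, host, pin(leaf)) == nil
	pinOnOtherKey = VerifyPinned(leaf, roots, host, pin(otherCA)) == nil
	return
}

func main() {
	a, b, c := Demo()
	fmt.Printf("pin on CA: %v, pin on leaf: %v, pin on unrelated key: %v\n", a, b, c)
}
```

Pinning the CA key, as the reply says GnuPG does for the keyserver pool, lets the operator rotate leaf certificates freely; the trade-off is that rotating the pinned key itself breaks every client that has not shipped the new pin, which is why the reply ties the practice to a service with a known certificate management lifecycle.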

_______________________________________________
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel