On Tue, Sep 13, 2011 at 12:37 PM, Daniel Kahn Gillmor <d...@fifthhorseman.net> wrote:
> So certificate pinning isn't bad in this case -- CA Certificate pinning > is bad. Not even that, really. Pinning your CA and not having a backup pin that chains up to a different CA is the bad thing. _______________________________________________ websec mailing list websec@ietf.org https://www.ietf.org/mailman/listinfo/websec