by pfg
3800 days ago
Most HPKP deployments pin to root or intermediate certificates of CAs (usually 2 separate CA entities, in case something happens to the primary CA) - meaning in a typical scenario, the attack surface is approximately the same. Not sure if this approach is common in native applications that pin to keys as well.