Y
Hacker News
new
|
ask
|
show
|
jobs
by
konklone
3430 days ago
Very true. HPKP is not part of this change, and if you look at GSA's guidance on HPKP, it's cognizant of this risk:
https://https.cio.gov/certificates/#http-public-key-pinning