|
|
|
|
|
|
by seanmcelroy
3033 days ago
|
|
|
HPKP is what the article you posted to is referring to, and probably will go away completely. However, profiling the public key of the site a mobile app connects to and erroring out if it is compromised to prevent MitM attacks is called 'certificate pinning' for mobile apps but is not related to the HPKP pinning of browsers. A reference for certificate pinning: https://blog.netspi.com/certificate-pinning-in-a-mobile-appl... |
|
|
Makes me suspect that a lot of client side validation is happening with mobile apps.