Y
Hacker News
new
|
ask
|
show
|
jobs
by
Liquid_Fire
2379 days ago
HTTPS will protect you against hijacked DNS requests as well.
1 comments
dijit
2379 days ago
Not by itself, if you have special HTTP headers it will. But some of those are deprecated (HPKP; for example)[0]
[0]:
https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning#Browse...
link
Liquid_Fire
2379 days ago
If you hijack the DNS request and respond with the IP of a different server, that server will not have a valid certificate for the domain in question. Why are any extra features required?
link
[0]: https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning#Browse...