Y
Hacker News
new
|
ask
|
show
|
jobs
by
metadat
1387 days ago
Why isn't there a site-controlled fallback setting for this?
Does this not make sense? Abu given website's beet interest is to continue to be reachable.
1 comments
tremon
1387 days ago
Every escape hatch in the certificate validation is also an additional avenue for attack. For example, using a DNS record to override certificate pins makes DNS cache poisoning much more valuable to the attacker.
link
forgotmypw17
1385 days ago
Every layer of security is also an additional accessibility hurdle.
link
metadat
1387 days ago
Got it, thanks @tremon.
link