|
|
|
|
|
|
by swiftcoder
679 days ago
|
|
|
In practice pinning tends to be very "best effort", if not outright disadvantageous. All our apps had to auto-disable pinning less than a year after the build date, because if the user hadn't updated the app by the time we had to renew all our certs... they'd be locked out. Also dealt with the fallout from a lovely little internet-of-things device that baked cert pinning into the firmware, but after a year on store shelves the clock battery ran out, so they booted up in 1970 and decided the pinned certs wouldn't become valid for ~50 years :D |
|
|