What are the advantages and disadvantages of key pinning, and why has it fallen out of favor despite its initial promise?
Wednesday, 12 June 2024
by EITCA Academy
Key pinning, also known as HTTP Public Key Pinning (HPKP), is a security mechanism that allows HTTPS websites to resist impersonation by attackers using misissued or otherwise fraudulent certificates. By specifying which public keys are supposed to be present in the certificate chain for a given domain, key pinning provides an additional layer of security
Tagged under:
Certificate Transparency, Cybersecurity, Expect-CT, HPKP, Key Management, Man-in-the-Middle