Security Researchers Lose Faith in HTTP Public Key Pinning

A few years ago, Google security engineers proposed a method for webmasters to protect their users from hackers who might try to impersonate HTTPS websites by using fraudulently obtained SSL certificates. The security mechanism, known as HTTP Public Key Pinning (HPKP) or certificate pinning, is now an internet standard, but some security researchers are having … Read more