Opened 4 years ago

Closed 15 months ago

#1413 closed enhancement (wontfix)

public key pinning for our sites

Reported by: killyourtv Owned by: echelon
Priority: minor Milestone:
Component: www/i2p Version: 0.9.16
Keywords: Cc:
Parent Tickets:


As suggested by Anarchos on IRC it may be worthwhile have our certs pinned by Mozilla and/or any other browsers.


Change History (5)

comment:1 Changed 4 years ago by zzz

Somewhat related proposal for pseudo-pinning of our reseed hosts: http://zzz.i2p/topics/1752

comment:2 Changed 3 years ago by str4d

  • Status changed from new to open

comment:3 Changed 15 months ago by echelon

  • Owner set to echelon
  • Status changed from open to assigned

comment:4 Changed 15 months ago by echelon

Certificate pinning is mostly obsolete.
It will be removed from chrome in 2018, also IE/Edge does not support it at all.
New one is:

comment:5 Changed 15 months ago by zzz

  • Resolution set to wontfix
  • Status changed from assigned to closed

agreed. Also dangerous. See 'suicide by pinning'

Note: See TracTickets for help on using tickets.