Public-Key-Pins-Disabled/EN/Background

Aus Siwecos
Wechseln zu: Navigation, Suche

One of the most difficult headers for non-experts to configure. If you have a SSL certificate, you can communicate to the requesting browser how long the certificate will still be valid, and send a "key" as a unique identification. On the next request, the browser can then check whether the certificate is still the original certificate. If an attacker tries to offer a forged certificate to the user, the web browser will not send any data and not display any information. Further information about Public Key Pinning: Public Key Pinning (HPKP).

Abgerufen von „https://www.siwecos.de/wiki/index.php?title=Public-Key-Pins-Disabled/EN/Background&oldid=9630