Public-Key-Pins-Disabled/EN/Description

Aus Siwecos
Wechseln zu: Navigation, Suche

Powerful attackers, such as intelligence agencies, can create a signature with the help of a certification agency that is accepted by users. To prevent this, a website can be configured so that the certificate must be saved permanently (pinning) when it is called up for the first time. If Key Pinning is used, only the saved certificate will be accepted for the period of time specified by the website.