Public-Key-Pins-Disabled/EN/Background

From Siwecos
Revision as of 4 July 2018, 12:58 by Siwebot

One of the most difficult headers for non-experts to configure. If you have an SSL certificate, you can communicate to the requesting browser how long the certificate will still be valid, and send a "key" as a unique identification. On the next request, the browser can then check whether the certificate is still the original certificate. If an attacker tries to offer a forged certificate to the user, the web browser will not send any data and will not display any information.

Further information about Public Key Pinning: Public Key Pinning (HPKP)
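The check described above, as an added example that is not part of the Siwecos page: it parses a `Public-Key-Pins` header value using the `pin-sha256`, `max-age` and `includeSubDomains` directives of RFC 7469, flags a policy without a backup pin, and compares a presented key against the stored pins. The function names are hypothetical and the key bytes are constructed stand-ins, not real DER-encoded keys.

```python
import base64
import hashlib

def spki_pin(spki_der: bytes) -> str:
    """pin-sha256 value: base64 of SHA-256 over the SubjectPublicKeyInfo bytes."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode("ascii")

def parse_hpkp(header: str) -> dict:
    """Parse a Public-Key-Pins header value into max-age, pins and flags."""
    policy = {"max_age": None, "pins": [], "include_subdomains": False}
    for directive in header.split(";"):
        name, _, value = directive.strip().partition("=")
        name = name.strip().lower()
        value = value.strip().strip('"')
        if name == "pin-sha256":
            policy["pins"].append(value)
        elif name == "max-age" and value.isdigit():
            policy["max_age"] = int(value)
        elif name == "includesubdomains":
            policy["include_subdomains"] = True
    return policy

def policy_problems(policy: dict) -> list:
    """Return reasons why a browser would ignore this pinning policy."""
    problems = []
    if policy["max_age"] is None:
        problems.append("missing max-age")
    if len(set(policy["pins"])) < 2:
        problems.append("fewer than two distinct pins (no backup pin)")
    for pin in policy["pins"]:
        try:
            ok = len(base64.b64decode(pin, validate=True)) == 32
        except ValueError:
            ok = False
        if not ok:
            problems.append("malformed pin: " + pin)
    return problems

def connection_allowed(policy: dict, chain_spkis: list) -> bool:
    """True if at least one key in the presented chain matches a stored pin."""
    presented = {spki_pin(spki) for spki in chain_spkis}
    return bool(presented & set(policy["pins"]))

# Constructed sample input: stand-in key bytes and the header built from them.
LIVE_KEY = b"constructed-spki-live"
BACKUP_KEY = b"constructed-spki-backup"
FORGED_KEY = b"constructed-spki-forged"
HEADER = 'pin-sha256="%s"; pin-sha256="%s"; max-age=5184000; includeSubDomains' % (
    spki_pin(LIVE_KEY), spki_pin(BACKUP_KEY))
```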