Page MenuHomePhabricator

Certificate Authority (CA) Pinning for
Closed, ResolvedPublic


At the moment we are just as everyone else vulnerable to malicious certificate authorities issuing fraudulent SSL certificates.

CA pinning is in the works. References:

Not perfect, not only pinning the certificate fingerprint, still depending on two CA's but at least not on a massive amount of them.

Once done, we should apply for it.



Needs Triage

Event Timeline

JasonJAyalaP raised the priority of this task from to Needs Triage.
JasonJAyalaP triaged this task as Wishlist priority.
JasonJAyalaP updated the task description. (Show Details)
JasonJAyalaP added a subscriber: JasonJAyalaP.
Patrick set Impact to Needs Triage.
Patrick added a subscriber: HulaHoop.
Patrick updated the task description. (Show Details)

Same as T84#14765.

Patrick changed the task status from Invalid to Resolved.Jul 14 2018, 12:02 PM

We have now a DNS Certification Authority Authorization (CAA) Policy.