Gary said: >> There is a downside. Every time it changes, you have to take >> a leap of faith when you re-pin it, rather than getting normal >> CA validation. > You miss the point, this is addition to normal CA validation, not an > alternative to it. Just like HPKP.
I'm missing something important. Why would I need additional validation? Isn't normal certificate validation good enough? -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
