Andy LoPresto created NIFI-5587:
-----------------------------------
Summary: Implement HPKP header
Key: NIFI-5587
URL: https://issues.apache.org/jira/browse/NIFI-5587
Project: Apache NiFi
Issue Type: Improvement
Components: Core Framework
Affects Versions: 1.7.1
Reporter: Andy LoPresto
[HTTPS Public Key
Pinning|https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning] allows for
explicit public keys to be transmitted to a client instructing the client to
only trust those keys for the service. This should only be implemented in
conjunction with a strong certificate management strategy, as pinning a public
key that is later compromised or expired without having a backup can lead to
clients being blocked from using the legitimate service.
More details on HPKP are available in [RFC
7469|https://tools.ietf.org/html/rfc7469].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
