subsequently also not create a CSR.)
Pin the SSL cert by using a local self signed CA.
Cheers,
proper
__
powered by Secure-Mail.biz - anonymous and secure e-mail accounts
noloa...@gmail.com wrote:
You pin a certificate by whitelisting expected server certificates
(possibly thumbprints).
How to do that?
There's usually no need to sign another's key
or certificate (I've never done it that way, and never seen it done
that way).
A little more background...
-compsys/racecond.pdf),
but I believe the risk is small.
Since the implementation will be Open Source it were possible for an adversary
to take advantage of TOCTOU, i.e. not tamper with s_client traffic but tamper
with wget traffic.
Cheers,
proper
