> > Is there any particular reason you're using key fingerprints instead of cert > > fingerprints? It seems like the latter might be slightly easier to > > implement, since you don't have to parse the cert. > > I assume it's because the certificates public keys are embedded within, in > practice, can change without the key pairs themselves changing. > > The rationale ought to of course be noted in the spec.
Public keys can change too, of course. And it's often the cases where keys need to change that are the most important! In general, it seems like these "pinning" strategies do need some sort of provision for rollover. --Richard _______________________________________________ websec mailing list [email protected] https://www.ietf.org/mailman/listinfo/websec
