On Thu, Feb 27, 2014 at 1:44 AM, Yoav Nir <[email protected]> wrote:
>
>
> I (with no hats) am very much in favor of this change. It makes sense for
> the way I think this will be used. If I were administrating a web server
> and wanted to use PKP, I would generate the PKP string and install it as
> PKP-RO for a few days. If no reports came in, it would be ready for
> production.
Not necessarily.
This type of PKP-RO would *NOT* detect whether all your subdomains or
load-balancers / front-end machines are correctly configured with the right
certs.
If people do what you suggest, they could easily get a false impression
that they're ready to go live ("no reports - it must be good!"), and screw
up their site.
Trevor
_______________________________________________
websec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/websec
