https://bugzilla.wikimedia.org/show_bug.cgi?id=47832
--- Comment #21 from Matthew Flaschen <[email protected]> --- (In reply to comment #20) > Why would or should we be using certificate pinning? Are we really going to > require all users to explicitly install the Wikimedia certificate on their > browsers? Of course not. It's done automatically, such as through a HTTP header. See https://tools.ietf.org/html/draft-ietf-websec-key-pinning-07 . This is already implemented at least in Chrome (https://code.google.com/p/chromium/issues/detail?id=78369). There's also a competing standard, http://tack.io/ -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
