Please support HTTP Public Key Pinning and more security headers

blobgo blobgo
Created: 2 years and 3 months ago
As you already described how certificates in HTTPS work you also mentioned the issue that all CAs can issue bad certs for your domain. However there is a good technology to prevent such attacks: HTTP Public Key Pinning.

More information:

How to set up HPKP:

And there are other security headers you may want to add:

This forum has been archived

Thank you all for the many comments, questions and suggestions. Particular thanks go to user x.15a2 for constantly monitoring, replying and helping so many users here. To continue these discussions, please head over to the DuckDuckGo subreddit.