Please support HTTP Public Key Pinning and more security headers
Created: 2 years and 6 months ago
As you already described how certificates in HTTPS work you also mentioned the issue that all CAs can issue bad certs for your domain. However there is a good technology to prevent such attacks: HTTP Public Key Pinning.
Thank you all for the many comments, questions and suggestions. Particular thanks go to user x.15a2 for constantly monitoring, replying and helping so many users here. To continue these discussions, please head over to the DuckDuckGo subreddit.