Public Key Pins Header


#1

Currently clients have no way to pin a public key of the API.

It would be nice if LetsEncrypt offered a supported way for a client to pin a public key against the API’s certificate chain.

I would propose that LetsEncrypt start sending the Public-Key-Pins HTTP header so that clients that want to start pinning public keys have a supported and automated means to do so.

To be clear, this isn’t a request for pinning public keys for certificates that the Let’s Encrypt CA issues, rather this is for the ACME API itself so that clients may pin against it.


#2

For reference linking to the previous thread on that subject:


#3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.