Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
HPKP preloading #778
Comments
thestinger
added
Type: enhancement
website
far-future
labels
Oct 22, 2017
thestinger
closed this
Oct 26, 2017
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
thestinger commentedOct 22, 2017
•
edited
Edited 2 times
-
thestinger
edited Oct 25, 2017
-
thestinger
edited Oct 25, 2017
Our Public-Key-Pins header is now set to 60 days so it will be ready for preloading once it's finalized by stripping it down to the 3 pins for Let's Encrypt (intermediate, fallback intermediate, root granting it trust) and our 5 backup pins (RSA 2048, RSA 3072, RSA 4096, ECDSA secp256r1, ECDSA secp384r1).
We currently have extra pins for the roots granting trust to each CA used by Cloudflare Universal SSL to be able to use their reverse proxy for DoS mitigation without paying for the Business plan to use custom certificates.