diff --git a/draft-ietf-httpbis-alt-svc.xml b/draft-ietf-httpbis-alt-svc.xml
index 81c6e31d9..51b5f3568 100755
--- a/draft-ietf-httpbis-alt-svc.xml
+++ b/draft-ietf-httpbis-alt-svc.xml
@@ -859,6 +859,13 @@ Alt-Used: alternate.example.net
lifetime, so that the user agent still directs traffic to the attacker even when
not using the intermediary.
+
+ Implementations &MUST; perform any certificate-pinning validation (e.g.
+ ) on alternative services just as they would on direct
+ connections to the origin. Implementations might also choose to add
+ other requirements around which certificates are acceptable for alternative
+ services.
+
@@ -1083,6 +1090,17 @@ Alt-Used: alternate.example.net
+
+
+ Public Key Pinning Extension for HTTP
+
+
+
+
+
+
+
+