Certificate pinning for github.com #2496
Comments
|
Hi, thank you for writing in!
|
You’re welcome!
“Pinning” refers to accepting only a specific certificate or certificate authority, rather than any certificate that can be validated against a root certificate trusted by the OS.
The purpose of pinning is to protect against credential leakage should a trusted certificate authority be fooled into issuing fraudulent certificates. This can happen either because the certificate authority is compromised, or because someone has managed to convince the certificate authority that they control a domain when in fact they do not. Both have happened in the past.
Not sure. There may be a way to do so via environment variables. If we make command-line calls to libgit2, we should be fine. One alternative would be for GitHub to provide anonymous, read-only SSH access.
For Enterprise, a certificate authority would need to be specified. |
|
Thanks for explaining. I'm not sure if I have the bandwidth to research/implement this, but I've found a golang library that is promising: https://github.com/tam7t/hpkp For shelling out to git, this might be a However wants to take a stab at this is welcome! |
The problem I'm trying to solve:
hubshould pin the either the certificate or certificate authority used by GitHub, and tell git processes it runs to do the same.How I imagine hub could expose this functionality:
This should work out of the box for
github.com. For GitHub Enterprise, configuring a certificate authority and/or certificate will be required.The text was updated successfully, but these errors were encountered: